Security needs a preventative mindset. Develop one and make secure coding second nature!
In this webinar you will learn:
- About the cat and mouse game of software security
- Why a lot of developers are doing password management wrong
- Which password guidelines are actually helpful in practice
- The best practices to follow when designing your password policy
- How Cydrill courses can raise your paranoia to a healthy level and contribute to your code hygiene
Outline
Common misconceptions
Introduction to software security
- AppSec: The weakest link in cybersecurity
Some common password myths
- Password policy myth #1: Composition rules
- Password policy myth #2: Password expiration
- Password policy myth #3: Password hints and suggestions
- Password policy myth #4: No restrictions on passwords
Managing passwords the right way
- Password policy
- NIST authenticator requirements for memorized secrets
- Password hardening
- Using passphrases
- Demo – Password reset weakness
Learning how not to code.
Presenter: Balazs Kiss
Balazs has been working with software security for over 13 years as a security evaluator, researcher, and mentor. Recently he’s been focusing on helping developers learn about typical vulnerabilities to stop the problem literally at the source. To date, he has held more than 60 training courses of various sizes.