I am an MSP, I don't usually deal with dev teams. Is it worth getting into this? Join us tomorrow at noon for a thought-provoking panel discussion designed for MSPs exploring the world of developer security. We'll go into how to start and what steps to take with limited development knowledge. This session is Wizer's MSP community. If you're interested in joining, DM me, and I’ll send you the meeting link. Code Wizer :)
Gabriel Friedlander’s Post
More Relevant Posts
-
It's CRAZY how easy it is to accidentally let Google index sensitive info! I bet many people and organizations are spilling secrets like this without even realizing it. SHARE, like, and comment to spread the word and keep everyone safe. This Wizer video is a real story, dramatized and performed by an actress. Stay WIZER!
To view or add a comment, sign in
-
The Craziest Auction in History!!! Picture this: It's 193 AD, and you're in the Roman Forum. There's an auction going on, and guess what? The entire Roman Empire is up for grabs! The last emperor? Dead, courtesy of the Praetorian Guard. Starting bid? 25,000 sesterces per guard. You’re Didius Julianus, and you think, “Why not?” You place the winning bid. Boom, you own the Roman Empire. But hold up, just a month and a half later, the same Praetorian Guard turns on you. Guess what? You're dead. Moral of the story: 👉 Culture eats strategy for breakfast. 👉 Think about security from the start, not as an afterthought. 👉 Implement an insider threat program. Stay WIZER!
To view or add a comment, sign in
-
Do you really know who you actually hired?! I posted this video a while back, and people commented that it was too crazy. But now, it's becoming more common and easier than ever. This is real! SHARE this, comment, and like to help others stay safe! P.S. This is a true story, dramatized and performed by an actress. Stay WIZER!
To view or add a comment, sign in
-
This content isn’t available here
Access this content and more in the LinkedIn app
To view or add a comment, sign in
-
Rant time: What did you expect?! You’re not even putting security in the job description for your developers. How are you going to shift left like that?! Just because someone is experienced with React, Node, or Go doesn’t mean they know how to write secure code. If you’re a CISO or security manager, talk to your R&D manager and make secure coding or OWASP Top 10 a mandatory requirement for every new hire. And if you really want to see if they know their stuff, use WIZER CTF for free and make them solve at least one challenge. Once you have a team that understands secure coding, they’ll write secure code naturally. It won’t be another task they need to do later. Security doesn’t have to be expensive, it just needs to be part of every developer’s skill set from the get-go. Code Wizer!
To view or add a comment, sign in
-
-
If I were a fly on the wall at CrowdStrike's root cause investigation, here’s what I might have heard: 👉 Kernel Developer: "This isn’t a new bug. It’s been like this forever, and we never had issues. The issue lies with the content update." 👉 Content Update Developer: "I provided a good file (The Channel File) that passed QA. Ask them what went wrong." 👉 QA Team: "We ran all the tests, and everything checked out. Talk to the test writers." 👉 QA Developers: "Those tests (Content Validators) were written ages ago. We don’t know who wrote them, and we’ve never had issues before. It’s probably something with the build server…" Obviously, I don't know exactly what happened - this is a hypothetical scenario. However, it’s a common situation in development teams. Developing, testing, and releasing software is very complex, and despite best efforts, bugs slip through. Sometimes they're minor, but other times they significantly impact operations. And guess what? Attackers are “QAing” your app too, looking for bugs to exploit. This highlights the crucial need for a strong security culture. The truth is, everyone is both right and wrong. Usually there’s no single person to blame, it’s a shared responsibility. It’s important for developers to practice writing secure code which helps reduce bugs. And just as we advise in security awareness to call and verify before transferring money, Dev and QA teams must also verify again before hitting "publish" (Zero-trust) . And yes, I know - it’s easier said than done… Stay Wizer!
To view or add a comment, sign in
-
-
Let’s talk about your champions! Building a successful security awareness champions program is not for the faint of heart but it’s not impossible, either! This month’s community live stream I’ll be speaking with Dustin Lehr of Katilyst who has built multiple custom programs successfully for organizations of all shapes and sizes. Join us as we talk about what the ingredients are for a successful program, what are realistic KPIs, and how to win allies across your organization to help make it a win for everyone. Be sure to hit the Attend button to get a notification. #securityawareness #securityculture #securitychampions #cybersecurity
Forging Allies For Security Awareness | Monthly Community Live Stream
www.linkedin.com
To view or add a comment, sign in
-
👉 Some security folks think people are "stupid" and will always click. 👉 Some users think security should do a better job and block those phishing links. So, who's right? Answer: Stop the blame game! Cybersecurity is a team effort and shared responsbility. Who should lead this change? - You! Stay WIZER and invest in a healthy security culture!
To view or add a comment, sign in
-
As I near the age of 50 (time really flies!), I've decided to pursue my private pilot license - because why just watch time fly when you can actually fly with it? Let me tell you, it's way more challenging than I ever imagined, and it closely parallels cybersecurity. Flying is fundamentally about risk management and incident response. The act of flying is straightforward, but practicing all the "what ifs" is incredibly demanding. It's all about rehearsing potential failures over and over again, so that you're prepared and stay cool if something goes wrong. Maybe companies should start sending their security teams to flight school :) maybe this would encourage them to frequently practice their incident response plans... When I started this journey, I had no idea what I was signing up for or how much time it would take. It feels like I accidentally enrolled in college without realizing it. Nevertheless, I LOVE it and am thoroughly enjoying the journey. Stay WIZER and don't forget to practice your incident response plan!
To view or add a comment, sign in