RailsConf 2020 CE - Inoculating Rails Auth Against Bug Bounty Hunters by Jason Meller

Video Link: https://www.youtube.com/watch?v=K7zo-wnvcLs



Duration: 45:04



You’ve rolled up your sleeves and built the most secure custom auth ever conceived by a dev team. Suddenly, your CTO informs you that your app will be participating in the Org's new Bug Bounty program. Terror fills your heart as you imagine security experts making mincemeat of your beautiful auth system. If only you knew their game plan... Kolide’s CEO, Jason Meller, has been rolling his own Rails auth for over a decade and has the bug bounty receipts to prove it. In this talk, he will walk you through Kolide's actual bounty reports so you can level up your team’s auth system.

__________

Jason Meller is the CEO and Founder of Kolide, a security-focused infrastructure analytics company. Jason has spent the majority of his 11-year career building tools and products in Ruby on Rails to aid cyber security professionals, with the goal of ultimately making the field more accessible to newcomers.






