Friday, 24 April 2026

SecTor 2025 | Hacking Policy for the Public Good

What happens when a security professional tries to help a government fix its insecure software? In this talk, I'll share my story: from writing a secure coding policy and offering it to the Canadian government, lobbying elected officials, contacting agencies like CRA about their poor security practices—and being met with silence, deflection, or outright dismissal. I didn't stop there. I wrote public letters, went on podcasts, published on Risky Biz, and even got interviewed by CBC. But the institutions in charge of protecting our data? Either silence or "No comment, because security." This isn't just a rant—it's a roadmap. I'll show you the secure coding guideline I created (free to reuse), explain why governments need public-facing AppSec policies, and outline how we can push for secure-by-default practices as citizens, hackers, and builders. Because secure code isn't just for dev teams—it's for democracy, privacy, and public safety. Let's make it law. Let's make it public.

By: Tanya Janca | CEO and Secure Coding Trainer, She Hacks Purple Consulting

Presentation Materials Available at: https://ift.tt/oTsheWV

source https://www.youtube.com/watch?v=JDo_RfDKQCw
