For this week’s CDN #FollowFriday, we are showcasing ethical hackers that can provide insight on this practice.
First up is is Steve Werby, a security strategist, and business-minded hacker and researcher.
He tweets at: @stevewerby
How to not suck at infosec:
Do the basics (which work)
Consider threats
Have a target state
Share gaps & plan
Share status
Reassess
Repeat— Steve Werby (@stevewerby) January 5, 2015
The placement of Jeopardy Daily Doubles isn't random. The location frequency based on analysis of 13,663 of them: http://t.co/9q1uMWCbEq
— Steve Werby (@stevewerby) March 5, 2015
Google quietly drops promised default Android Lollipop encryption (FDE). Performance trumps security; != surprise. http://t.co/niz4mQ0KqH
— Steve Werby (@stevewerby) March 4, 2015
Next is Drew Porter, a security researcher with RF Security Group Inc., hacker and engineer.
Porter tweets at: @IAmRedShift
Discovering 0day on a security vendor's product – by @AdvancedThreat http://t.co/QNgB65Xorq
— Infosec Reactions (@sec_reactions) March 3, 2015
I don't even have an iPhone, but I am so happy about #Signal 2.0 from @whispersystems
— Drew RedShift Porter (@IAmRedShift) March 2, 2015
You can brick an entire wireless #smarthome remotely for $400. My research will be released this year. #IoT #security
— Drew RedShift Porter (@IAmRedShift) March 2, 2015
Third is Ashar Javed, a web application security researcher, Google Security Hall of Fame inductee and white hat for Twitter, Microsoft, Ebay, Adobe, Etsy, AT&T, Security Pages and Facebook.
He tweets at: @soaj1664ashar
Revisiting #XSS Sanitization
My Black Hat EU 2014 (@BlackHatEvents)
Slides http://t.co/u0GiPAhhwd
White Paper https://t.co/dvQEYUGRL6 #BHEU— Ashar Javed (@soaj1664ashar) October 17, 2014
$5,000 #XSS in @Hacker0x01: https://t.co/t32QdhTHLZ by @d_lec
— Ashar Javed (@soaj1664ashar) February 3, 2015
On Monday (2nd March), I will join Hyundai AutoEver Europe GmbH (Hyundai & KIA Motor Group) as a penetration tester. #newchapterinlife
— Ashar Javed (@soaj1664ashar) February 26, 2015