Preview Mode Links will not work in preview mode

DevelopSec: Developing Security Awareness

Jan 19, 2023

In this episode we talk about the spell check feature of the browser and how it could present a risk to sensitive data.

 

Link to article referenced: https://www.darkreading.com/application-security/spellchecking-google-chrome-microsoft-edge-browsers-leaks-passwords

 

 

For more info go to 


Dec 19, 2021

Log4J has been the talk of the town recently and everyone is focused on the technical details of the specific vulnerabilities found. In this episode, James talks about the overarching ideas around dealing with vulnerable components. Are you vulnerable? If so, what needs to be done?

For more info go to 


Feb 9, 2020

Chrome has announced a few changes that we need to watch out for in the near future. We previously talked about the default value for samesite that is coming up fast. I wrote about this here: https://www.jardinesoftware.net/2019/10/28/samesite-by-default-in-2020/

Also, they are getting ready to start blocking mixed...


Nov 15, 2019

It was recently announced that Chrome was dropping the XSS Auditor in Chrome 78. What does that mean and how does that change things for you as a developer?  

https://www.chromium.org/developers/design-documents/xss-auditor

For more info go to https://www.developsec.com or follow us on twitter (@developsec).

Join the...


Nov 6, 2019

In 2020, Chrome will default the SameSite attribute to Lax on all cookies. SameSite helps mitigate CSRF, but does that mean CSRF is Dead?

For more info go to https://www.developsec.com or follow us on twitter (@developsec).

Join the conversations.. join our slack channel. Email james@developsec.com for an...