John Melton

@_jtmelton

Christ-follower, Husband, Dad, Security Guy, Developer, Lead on AppSensor

Charlotte, NC
Vrijeme pridruživanja: kolovoz 2011.

Tweetovi

Blokirali ste korisnika/cu @_jtmelton

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @_jtmelton

  1. 28. sij

    I know it's early, but this is my vote for talk of the year. This is a tremendous effort by Clint, and is stellar work. So many threads to follow/learn, so much help for security teams. I wish I had this years ago - I had to learn many of these lessons through trial/error.

    Poništi
  2. proslijedio/la je Tweet
    28. sij

    Over the past few years I've spent 100s (1000s?) of hours studying how companies have scaled their security. Here are my slides that distill what I've learned- the big, scalable, systematic wins that measurably improve your security posture.

    Prikaži ovu nit
    Poništi
  3. proslijedio/la je Tweet
    28. sij

    The End of the AppSec Team

    Prikaži ovu nit
    Poništi
  4. proslijedio/la je Tweet
    16. sij

    I watched all 44 2019 talks (~32 hours of video) and wrote detailed summaries for you 📚 Learn about , scaling security, threat modeling, building a security program, & more.

    Prikaži ovu nit
    Poništi
  5. proslijedio/la je Tweet
    9. sij

    btw you all should subscribe to security mailing list: probably the best one out there

    Poništi
  6. proslijedio/la je Tweet
    19. pro 2019.

    New blog post on injecting Vault secrets into via init containers or sidecars. This makes it much easier to integrate, and a more K8S native experience!

    Poništi
  7. proslijedio/la je Tweet
    16. lis 2019.

    Knowing when to build and when to buy seems to be a critical skill for security teams these days. Requires self-awareness, honest appraisal of the team's capabilities, and a solid grasp of opportunity costs.

    Prikaži ovu nit
    Poništi
  8. proslijedio/la je Tweet
    8. lis 2019.

    James Mickens recently got tenure at Harvard and his announcement page is 100% James Mickens

    Prikaži ovu nit
    Poništi
  9. proslijedio/la je Tweet
    8. lis 2019.

    I couldn't be more excited and honored to be giving this keynote! 😀 It's a pleasure being a part of the and communities- so many smart people doing such awesome work, I'm constantly learning 🚀

    Poništi
  10. 2. lis 2019.

    It was a lot of fun to chat about my experiences starting security in DevOps. Also, is excellent, and if you get the chance to work with him, you should!

    Poništi
  11. proslijedio/la je Tweet
    2. lis 2019.

    In today's DevOps Defined, we talk to from Netsuite Oracle about his journey to introduce security into a DevOps environment to prevent a security disaster.

    Poništi
  12. proslijedio/la je Tweet
    24. ruj 2019.

    Re Trusted Types, I collected some of the history of the major design iterations we went through within Google. It's got my byline since I talk about my experiences in app development, but it covers work by many people over the years.

    Poništi
  13. proslijedio/la je Tweet
    23. ruj 2019.

    Still seeing a ton of downloads from bintray and maven central for versions of dependency-check prior to version 5. If that is from your org - ODC will start failing on Oct 9th. Upgrade to 5.2.2 ASAP!

    Poništi
  14. 20. ruj 2019.
    Prikaži ovu nit
    Poništi
  15. 19. ruj 2019.

    Honored and excited to get to talk about at in a couple months. Looking forward to it. Let me know if there are things you want me to include!

    Poništi
  16. Poništi
  17. proslijedio/la je Tweet
    14. ruj 2019.
    Odgovor korisnicima

    Most important thing from this talk - you need to upgrade to dependency-check 5.2.1 before Oct 9th, 2019. The NVD XML data feeds will be retired and versions earlier than 5.0.0 will stop getting updates.

    Poništi
  18. 12. ruj 2019.

    I'm hiring for several positions: security engineering (US/Canada/Czech Republic), security architecture (US/Canada), and development (US - not a security role). DMs are open.

    Prikaži ovu nit
    Poništi
  19. proslijedio/la je Tweet
    28. kol 2019.

    I’m pleased to announce a new doc project for software maturity. The OWASP Software Component Verification Standard (SCVS). This project aims to normalize component analysis capabilities and concerns. It’s incubating.

    Poništi
  20. 21. kol 2019.

    Genuinely appreciate and really enjoying the work is doing at ... it's a joy to see it show up in my inbox. I don't say that about many things. Go sign up.

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·