Published Jan 31, 2022

PagerDuty's Security Training for Engineers, The Dramatic Conclusion

Dive deep into the world of cybersecurity as Joe Zack and Michael Outlaw unravel the complexities of side channel attacks, explore best practices in software security, and discuss essential session management strategies, equipping engineers with vital insights to safeguard sensitive information and user data.

Episode Highlights

  • Permissions

    The principle of least privilege is crucial in software security, as Joe and Michael discuss. They emphasize minimizing the permissions that scripts run with, to limit the potential damage if an attacker gains access. Joe highlights the importance of revoking unnecessary permissions and setting only the required ones, especially in cloud environments like Google Pub/Sub. Michael warns against over-reliance on roles, which can lead to excessive permissions.

    You try to have those run under the least permissive permissions that is allowed to get the job done.

    ---

    Balancing granular permissions with roles is a challenge, but necessary to maintain security.

       

  • Vulnerabilities

    Classic security vulnerabilities like buffer overflows and side channel attacks pose significant risks. One of the hosts explains how buffer overflow attacks exploit application failures by executing malicious code placed at the end of a buffer. He also discusses side channel attacks, which extract data through indirect means like power consumption or acoustic signals. These vulnerabilities highlight the need for robust security measures.

    It's really easy to get a root shell doing this.

    ---

    Understanding these threats is essential for developing effective defenses.
