Brought to you by Linode - Build your next big idea @

Episode #136: Secure code lessons from Have I Been Pwned

Published Thurs, Nov 2, 2017, recorded Sat, Oct 28, 2017.

Do run any code that listens on an open port on the internet? This could be a website, a RESTful web service, or (gasp) even a database endpoint.

Troy Hunt, a renowned security expert likes to say that you're doing "free pen. testing for that product right there".

Join Troy and me on this episode of Talk Python To Me. We discuss lessons learned from running the vulnerability monitoring website Have I been pwned? As well as other lessons for developers to keep your code safe while providing public services.

Links from the show

Troy Hunt:
Troy on Twitter: @troyhunt
Have I been pwned?:
Disqus Demonstrates How to Do Breach Disclosure Right:
Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware:
What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?:
Careers in security, ethical hacking and advice on where to get started:

Some of Troy's Courses
What Every Developer Must Know About HTTPS:
Web Security and the OWASP Top 10: The Big Picture:
Crafting a Brand for Growth and Prosperity:
Exploring the Internet of Vulnerabilities:
Deconstructing the Hack:
Getting to grips with cloud computing security:

Little Bobby Table (SQL Injection Cartoon):

Troy Hunt
Troy Hunt
Troy Hunt is an Australian Microsoft Regional Director and also a Microsoft Most Valuable Professional for Developer Security. He doesn't work for Microsoft, but they're kind enough to recognize my community contributions by way of their award programs which I've been an awardee of since 2011. He gets to interact with some fantastic people building their best products and then share what he knows about creating secure applications for the web with the broader community.
Click to show comments

Individuals can support this podcast directly via Patreon. Corporate sponsorship opportunities available here.
Become a friend of the show
Stay in the know and get a chance to win our contests.
See our privacy statement about email communications.