Learn Python with Talk Python's 270 hours of courses

Secure code lessons from Have I Been Pwned

Episode #136, published Thu, Nov 2, 2017, recorded Sat, Oct 28, 2017

Do run any code that listens on an open port on the internet? This could be a website, a RESTful web service, or (gasp) even a database endpoint.

Troy Hunt, a renowned security expert likes to say that you're doing "free pen. testing for that product right there".

Join Troy and me on this episode of Talk Python To Me. We discuss lessons learned from running the vulnerability monitoring website Have I been pwned? As well as other lessons for developers to keep your code safe while providing public services.
Links from the show

Troy Hunt: troyhunt.com
Troy on Twitter: @troyhunt
Have I been pwned?: haveibeenpwned.com
Disqus Demonstrates How to Do Breach Disclosure Right: troyhunt.com/disqus-demonstrates-how-to-do-data-breach-disclosure-right
Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware: troyhunt.com/everything-you-need-to-know-about-the-wannacrypt-ransomware
What Would It Look Like If We Put Warnings on IoT Devices Like We Do Cigarette Packets?: troyhunt.com/what-would-it-look-like-if-we-put-warnings-on-iot-devices-like-we-do-cigarette-packets
Careers in security, ethical hacking and advice on where to get started: troyhunt.com/careers-in-security-ethical-hacking-and-advice-on-where-to-get-started

Some of Troy's Courses
What Every Developer Must Know About HTTPS: troyhunt.com/new-pluralsight-course-what-every-developer-must-know-about-https
Web Security and the OWASP Top 10: The Big Picture: troyhunt.com/new-pluralsight-course-web-security-and
Crafting a Brand for Growth and Prosperity: troyhunt.com/new-pluralsight-course-crafting-a-brand-for-growth-and-prosperity
Exploring the Internet of Vulnerabilities: troyhunt.com/new-pluralsight-course-exploring-the-internet-of-vulnerabilities-2
Deconstructing the Hack: troyhunt.com/new-pluralsight-course-deconstructing-the-hack
Getting to grips with cloud computing security: troyhunt.com/getting-to-grips-with-cloud-computing-security-on-pluralsight

Little Bobby Table (SQL Injection Cartoon): xkcd.com/327
Episode transcripts: talkpython.fm

--- Stay in touch with us ---
Subscribe to us on YouTube: youtube.com
Follow Talk Python on Mastodon: talkpython
Follow Michael on Mastodon: mkennedy

Want to go deeper? Check out our courses

Talk Python's Mastodon Michael Kennedy's Mastodon