Hello!

Hey, I’m ___ and from
North America
Age group
21 - 30
Last known PC infection
Over 5 years ago or never
Fav. Web Browser
Mozilla Firefox
Fav. Mobile OS
iOS
Hobbies
    • Computers and technology
    • Malware and threat analysis
    • Other
zanway

zanway

New Member
Thread author
Aug 13, 2024
2
15
4
My name is Zach - I'm a web developer who is also considering a career in application security. I'm here to keep up-to-date on what's going on in the cybersecurity space and see what other security people are discussing. Thanks for letting me join!
If you have any recommendations on how I can beef up my knowledge on security, I'd be very grateful. I'm already pretty familiar with the basics of web security (preventing SQL injection, CSRF tokens, etc.). If there are more advanced topics or security frameworks I should learn, I'd be interested!
 
  • Like
Reactions: franz, oldschool, Sorrento and 3 others
Hello Zach! Welcome to the forum. It's great to see a web developer interested in application security. You might want to explore topics like threat modeling, secure coding practices, and advanced encryption techniques. Also, consider getting familiar with security frameworks like OWASP. Enjoy your stay and feel free to ask any questions!
 
  • Like
Reactions: franz, oldschool, zanway and 2 others
Victor M said:
Hi @zanway , welcome to MT !

You are probably aware/familiar with Threat Modelling. The OWASP site has details on it. Threat Modeling | OWASP Foundation. Many programmers use STRIDE. And the OWASP site explains that too.

I do not activaly program anymore and I use a lesser known method of drawing Attack Trees. Attack Trees - Schneier on Security
Click to expand...
I have never heard of attack trees - thank you for the link! On a brief overview, it looks very interesting and very useful.
 
  • Like
Reactions: franz

You may also like...