JSJ 418: Security Scary Stories and How to Avoid Them with Kevin A McGrail

In this episode of JavaScript Jabber the panel interviews security expert, Kevin A. McGrail. He starts by explaining what security frameworks and what they do. The panel wonders how to know if your developers are capable of self-auditing your security or if you need help. Kevin shares recommendations for companies to look at to answer that question. Aimee Knight explains the hell she has been in making changes to be compliant with CCPA. The panel considers how policies like this complicate security, are nearly impossible to be compliant with and how they can be weaponized. They discuss the need for technical people to be involved in writing these laws. Kevin explains how you can know how secure your systems actually are. He shares the culture of security first he tries to instill in the companies he trains. He also trains them on how to think like a bad guy and explains how this helps developers become security first developers. The panel discusses how scams have evolved and how the same scams are still being run. They consider the importance of automated training and teaching developers to do it right the first time.Finally, they consider the different ways of authentication, passwords, passphrases, sim card, biometrics. Kevin warns against oversharing or announcing vacations. The panel discusses real-world tactics bad guys use. Kevin explains what he trains people to do and look out for to increase security with both social engineering and technical expertise. Panelists

• Aimee Knight
• AJ O’Neal
• Charles Max Wood
• Dan Shappir
• Steve Edwards

Guest

• Kevin A McGrail

Sponsors

• ABOUT YOU | aboutyou.com/apply
• Split
• CacheFly

____________________________________________________________ "The MaxCoders Guide to Finding Your Dream Developer Job" by Charles Max Wood is now available on Amazon. Get Your Copy Today! ____________________________________________________________Links

• Ghost in the Wires
• https://www.infrashield.com/

Follow DevChatTV on Facebook and Twitter PicksAimee Knight:

• The More Gender Equality, the Fewer Women in STEM

AJ O’Neal:

• I'll Let Myself In: Tactics of Physical Pen Testers
• Copying Keys from Photos, Molds & More
• The LED Traffic Light and the Danger of "But Sometimes!"
• Regina Spektor
• The Weepies

Dan Shappir:

• This is what happens when you reply to spam email
• What is Your Password?

Kevin A McGrail:

• XKCD Security
• IT Crowd
• https://spamassassin.apache.org/

Steve Edwards:

• XKCD Password Generator
• Nerd Sniping

Special Guest: Kevin A. McGrail.

Support this podcast at — https://redcircle.com/javascript-jabber/donations

Privacy & Opt-Out: https://redcircle.com/privacy

Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.