Versatile software engineer with a background in .NET consulting and CMS development. Working on regaining my embedded development skills to get more involved with IoT opportunities.
I've worked at so many places where, as I settled in, all I could think was "lawl we bankrupt if this server gets pwn3d". Working at smaller shops taught me more about networking and security than most people I know, almost enough to make up for the lack of strong senior developers and mentors to guide me in my abilities.
My rule of thumb for UI security is to whitelist acceptable inputs instead of trying to figure out all the possible input values that need to be rejected. Proper HTTP headers can go a long way, and brownie points if you can set up a virtual firewall appliance or clearly explain VLANs. Server hardening was probably the hardest thing to master since I am not much of a sysadmin, but nowadays I try to automate as much of the hardening during image creation vs learning a crash course in Linux administration that will be a hazy recollection when we need another server.
Security is also one of the best ways I have found to make a strong first impression at a new job. Being able to humbly identify a security concern, reason with your coworkers about the code in question, and propose a fix can really set you apart, but it requires a lot of background knowledge too.