Cracking the Code: Symmetric vs. Asymmetric Encryption Explained!
Ever wondered about the battle between symmetric and asymmetric encryption?
In this video, we break down the complexities! Discover the strengths and use cases of each - from the speed of symmetric to the heightened security of asymmetric.
Never be caught tongue-tied in an Application Security Engineer Interview. In this video Abhay Bhargav explores the popular Security Engineer Interview question from Glassdoor and Indeed "What is XXE?"
#XXE is a key vulnerability in OWASP (Open Web Application Security Project) Top 10 and is a serious vulnerability that can have devastating impacts against your Web Application or Web Service. XXE can result in Local-File Include, Remote File Include, Remote Code Execution, Server-Side Request Forgery or #SSRF and Denial of Service.
Abhay explores XXE in the form of an offensive and defensive demo directly from AppSecEngineer's Learning Path "Application Security"
AppSecEngineer is a powerful training platform that delivers amazing hands-on training on AppSec, AWS Security, Cloud Security, Kubernetes, Container Security and Advanced Application Security.
#AppSecEngineer is ideal for jobseekers, knowledge seekers and companies that want to get their workforce equipped to handle real-world security issues with their newly minted and highly educated AppSec Engineers
Content of this video
0:00- Intro
0:18- What is XML external entities
02:18- XML DTD
03:17- XXE- Remote code execution
04:17 -XXE SSRF
05:27- XXE interactive lab demo
15:30- Like and subscribe
Learn more about XXE at https://appsecengineer.com/application-security-courses/
Twitter: https://twitter.com/AppSecEngineer
Linkedin: https://linkedin.com/company/AppSecEngineer
...
https://www.youtube.com/watch?v=vmQsCVg9AzQ
Get ready for the AI takeover!
Join us on the frontlines of AI Security, where hackers harness AI models to create a new wave of cyber threats.
Explore the AI & LLM Security collection on @AppSecEngineer!
https://www.appsecengineer.com/ai-llm-security-collection
#Cybersecurity #AI #Infosec #GenAI #training #AISecurity
...
https://www.youtube.com/watch?v=SUnC_4OltpQ
AppSecEngineer launches this Free AWS Security Course on YouTube for the first time.
Course Description:
AWS Identity and Access Management (IAM) is a robust web service that offers a host of controls and configurations for users to manage access to their AWS resources. One of the most useful features of IAM is Roles Anywhere.
IAM Roles Anywhere allows you to use the temporary credentials to manage access across your AWS workload. This allows you to use the same IAM policies and roles throughout the workload and eliminate the need for long-term credentials, improving the overall security of your AWS infrastructure.
This course is an in-depth look into the problem of persistent credential in AWS IAM, and how Roles Anywhere solves it. Learn how to implement it in a real-world AWS environment using AppSecEngineer's signature hands-on labs, and secure your cloud services like seasoned pro.
#appsecengineer #awssecurity #aws #cloudsecurity #freecourse #cloud
...
https://www.youtube.com/watch?v=9bMqK_RQrhQ
Learn more at: https://www.appsecengineer.com/developers
When developers write insecure code, they're wasting both time and resources. Insecure code means more vulnerabilities, which means more hours wasted on remediation.
You can't ignore security, but you want to build faster. What's the solution?
Secure code training.
Leaders, project managers, and developers all over the world agree on one thing: secure coding is a priority.
In order to save time, avoid rework, and build better products, companies need to train their developers in skills that can transform their business.
Learn how to never ship a bad line of again with AppSecEngineer: https://www.appsecengineer.com/developers
Understand how AppSecEngineer can get your entire product team competent in 8 domains of AppSec: https://www.appsecengineer.com/main-menu-pages/teams
#developer #aws #devsecops #security #appsecengineer #applicationsecurity #securitytraining
...
https://www.youtube.com/watch?v=ZJGRyvD3P60
It's the last day of Cybersecurity Awareness Month! Today we're learning about TLS encryption, and the 7-step 'handshake' between the client and server before they begin communicating securely.
Learn more about cryptography and secrets management through hands-on labs and challenges on AppSecEngineer.
DevSecOps Bundle - https://checkout.appsecengineer.com/devsecops-security-specialist
AppSecEngineer For Businesses: https://www.appsecengineer.com/business-pricing
AppSecEngineer For Individuals: https://www.appsecengineer.com/main-menu-pages/pricing
#SecureOurWorld #cybersecurity #CybersecurityTraining #appsec #applicationsecurity #infosec #Security #securitytraining #training #handsonlearning #StaySafeOnline #DevSecOps #encryption #cryptography #tls
...
https://www.youtube.com/watch?v=6KnboEhzc94
Train your team here: www.appsecengineer.com/main-menu-pages/teams
Start learning today: https://www.appsecengineer.com/
This video explains what DPDPB is and how it could impact businesses in a nutshell. If your business operates in India, you need to know this!
Data security and privacy have become paramount concerns in our interconnected digital age. The Data Protection Bill 2023 is a groundbreaking legislative step aimed at protecting personal information and reshaping the way businesses handle data.
#DPDPB #CyberDefense #shorts #india #bill #business #dataprotection #dataprivacy #appsec #applicationsecurity #infosec #appsecengineer #Security #securitytraining #training #handsonlearning #devsecops #Kubernetes #containers #threatmodelling #cloudsecurity #aws #azure #gcp #offensivesecurity #redteam #blueteam #purpleteam #cybersecurity #blackhat #infosectraining #skillgap #upskill #careers #techjobs
...
https://www.youtube.com/watch?v=G0yGDFwhXQI
Watch the full webinar: https://youtu.be/ZNWptwfa0DE
Sign up for the bootcamp: https://www.appsecengineer.com/rapid-threat-modeling-with-genai-and-llms
Were you seeking a faster, less cumbersome approach to Threat Modeling, thinking it demanded too much security knowledge? The introduction of Generative AI (GenAI) and Large Language Models (LLMs) might just be the breakthrough you needed.
On March 26th at 9 AM PT, Abhay Bhargav, Chief Research Officer at AppSecEngineer, led a groundbreaking webinar that reshaped our understanding of Threat Modeling. "Threat Modeling with GenAI and LLMs" goes beyond a typical course - it's a revolutionary method that leverages GenAI to make Threat Modeling not only more efficient but significantly quicker.
This recorded webinar gives you a glimpse into our instructor-led training course available on AppSecEngineer, showcasing how the latest advancements in AI can be utilized to enhance the Threat Modeling process.
#AI #GenAI #generativeai #threatmodeling #aisecurity #cybersecurity #applicationsecurity #infosec #appsecengineer
...
https://www.youtube.com/watch?v=gH6xc2HCgzc
Abhay explores interesting blogs, talks and news from the world of Application Security, Cloud Security, Kubernetes Security, Threat Modeling and more in this week's segment of "Last week in AppSec"
This week's stories include Azure ChaosDB, Mark Dowd's Keynote at HITB Singapore, Lachlan Evenson's Kubernetes 1.22 SeccompDefault, Daniel Garcia's Secrets Management in CI Tools and AWS Permission Boundaries for Serverless Stacks
#AppSec #AppSecEngineer #AbhayBhargav
Show notes and links here: https://www.abhaybhargav.com/last-week-in-appsec-aug-23-29-2021/
Chapters:
0:00 - Intro
0:59 - ChaosDB
4:40 - Mark Dowd's Keynote at HITB
8:56 - Daniel Garcia's blog on Secrets in CI
10:20 - Lachlan Evenson's blog on Kubernetes Seccomp
13:25 - AWS Permission boundaries for Serverless Stacks
...
https://www.youtube.com/watch?v=NkKxa-YDdE8
Watch full video here: https://youtu.be/A4m-Mdveuws
In this video, Abhay Bhargav delves into the details of a severe vulnerability affecting GitLab. If you're a self-hosted GitLab user, you need to act fast!
Learn about CVE-2023-7028, a remote account takeover flaw allowing password resets without user interaction. The video covers the impact, affected versions, and GitLab's recommended fixes, including the importance of two-factor authentication.
Stay informed and secure your GitLab instance now!
#gitlab #vulnerability #CyberSecurity #SecurityUpdate
...
https://www.youtube.com/watch?v=GFzmYmiAYds