سرفصل گفتگوهای تخصصی در Clubhouse

An Introduction to DevSecOps concepts → building a secure change control system (tools)

An Introduction to Mitre Att&ck framework → TTP concept and analogies

Security Methodologies / Standards / Best Practices

OWASP Top 10 Web
• Injection
• Broken Authentication
• Sensitive Data Exposure
• XML External Entities (XXE)
• Broken Access Control
• Security Misconfiguration
• Cross-Site Scripting XSS
• Insecure Deserialization
• Using Components with Known Vulnerabilities
• Insufficient Logging & Monitoring

• Network Layer Attacks
• Application Layer Attacks
• Presentation Layer Attacks
• Session Layer Attacks
• Transport Layer Attacks
• Network Layer Attacks
• Data Link Layer Attacks
• Physical Layer Attacks

• IoT Penetration Testing
• Methodologies & Standards
• Attack vectors