web-security

robert-stuttaford 2023-01-10T12:43:53.822329Z

@lvh are you aware of any web security courseware worth doing? we've some young new joiners on our team and i'd like to give them a solid start in this arena!

lvh 2023-01-12T19:00:58.668189Z

Hey! Sorry, missed this notification

lvh 2023-01-12T19:01:10.814599Z

It’s not that the web security courseware is bad, it’s just that…. it’s all very just-so

lvh 2023-01-12T19:01:38.547409Z

ideally you’d be combining it with real hands on experience pretty quickly to get it to stick

lvh 2023-01-12T19:01:49.330969Z

the portswigger labs exercises are free and totally fine

robert-stuttaford 2023-01-12T20:35:49.494959Z

nice thank you sir

slipset 2023-01-10T13:34:41.114799Z

We did something on Pluralsight with Troy Hunt, I found it a bit basic, but might be nice for new joiners. Also we have Ninjio for the whole org, again, a bit basic, but I think it’s nice for the larger org. Also my name is not @lvh

robert-stuttaford 2023-01-10T13:58:05.562379Z

thank you not-lvh! 😄

robert-stuttaford 2023-01-10T14:01:30.510759Z

ok, so i'm actually specifically looking for training for web app devs - how to not program any of the owasp top 10 in to your code, type thing

robert-stuttaford 2023-01-10T14:01:48.393309Z

we've got gen-pop cybersec stuff coming out of our ears, we've even made some of our own 😂

slipset 2023-01-10T14:02:30.693309Z

The Pluralsight thing was for web devs

robert-stuttaford 2023-01-10T14:03:37.945549Z

thanks!