SlideShare a Scribd company logo

The life of breached data and the attack lifecycle

Jarrod Overson
Jarrod Overson

OWASP RTP Presentation on Data breaches, credential spills, the lifespan of data, credential stuffing, the attack lifecycle, and what you can do to protect yourself or your users.

1 of 74
Download to read offline
The Life of Breached Data August 2018 Jarrod Overson, Director of Engineering at Shape Security The Dark Side of Security
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
It’s more than just mega-breaches from large companies Web forums contributed many spills in 2017 Though web forums contributed a smaller number of credentials
5+ Billion Leaked credentials in 2016 and 2017 alone
Jarrod Overson a.k.a. “I’m not a security guy” @jsoverson everywhere
Every breach adds a piece of you to a criminal's database. Passwords, emails, names, security questions & answers, addresses, and more
The downstream path from breach to fraud Fraud & Exploitation Account Takeovers Credential Stuffing Attacks Credential SpillsData Breaches Within your controlOutside of your control
Credential stuffing attacks Bank 0 + = Retailer x Bank y Airline z bob@gmail.com:p@ssw0rd1 ✅ ❌ ✅ sally@yahoo.com:qwerypoiu ❌ ✅ ❌ donna@company.com:norah2012 ✅ ❌ ❌
The tiers of attacker sophistication Tier 1 - The original attacker Tier 2 - The attacker’s private network Tier 3 - The dark web Tier 4 - Public
Credential spills decrease in value over time CredentialSpillValue Day 0 Data Breach Tier 1 attacks Attacker Tier 2 attacks Attacker’s Associates Tier 3 attacks Dark Web Day 456 Avg time before breach is reported Tier 4 attacks Public
What percentage of traffic is from bots?
89%
91%
95%
98%
What percentage of traffic is from bots? 99.8% ( Current record for automation against a login page, via Shape Security )
Why?
If you have value, there is value in attacking you.
- Store any actual or virtual currency? - Sell goods? - Have ANY unique PII? - Have user generated content? - Have time sensitive features? - Pay for digitally validated behavior? - Have a social aspect to your service? Do you…
But we have CAPTCHAs!
But CAPTCHAs don’t work
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
Have you ever seen an ad like this?
There is big money in “work from home data entry” jobs
So we seek alternatives
Often they rely on behavioral analysis
Sometimes they rely on kittens
Others still rely on death metal
Some are very high profile
How are attacks automated?
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
The life of breached data and the attack lifecycle
Once you detect an attacker, they are easy to block. Right?
One attacker from one machine can be blocked by IP.
Many attackers sound dangerous but aren't as common as they are made out to be.
One attacker using proxies to look like thousands of users across the globe is difficult to detect and block.
Spikes of traffic look perfectly normal most of the time. selenium
Devices leave fingerprints that can be traced selenium
And tools are made to leave no fingerprints
Lots of tools
The life of breached data and the attack lifecycle
We can’t patch our way through this.
How would you react if you went from…How would you react if you went from … Legitimate traffic
To this To this Automation detected and blocked Legitimate traffic
To this Automation detected and blocked Legitimate traffic To this
How do you protect you?
Make every password unique. Really.
• LastPass • 1Password • Any locally encrypted db Use a password manager. Use a password manager. LastPass, 1Password, any locally encrypted database.
Use a base password + a site specific string. For example: "hyatt small blue cup" Use a password algorithm
Turn on Multi-Factor Authentication.
How do you protect your users?
Throw away the myth that the biggest risk to your users is a weak password. The biggest and most prevalent risk is a reused password.
Don't add unnecessary password rules 8 char minimum, >64 char maximum, allow ANY character (including spaces)
Don't expire passwords unless necessary Expire when accounts are compromised or a user's credentials are leaked.
Do prevent users from using common passwords • 123456 • password • 12345678 • qwerty • 12345 • 123456789 • football • 1234 • 1234567 • baseball • welcome • 1234567890 • abc123 • 111111 • 1qaz2wsx • dragon • master • monkey • letmein • login • princess • qwertyuiop • solo • passw0rd Maintain and use a banned password list
Check against spilled credentials
Offer Multi-factor authentication
How do you protect your business?
Use single flows for important transactions. Reduce the attack surface area as much as possible. Login widget Old login flow Regular Login Login at CC entry 2.x login Login on shopping cart VS Login
Ask and be ready for tough questions You may need to re-evaluate costs & value with new parameters.
Get help. You're not alone. Reduce the attack surface area as much as possible. - Helen Keller
The Life of Breached Data August 2018 Jarrod Overson, Director of Engineering at Shape Security The Dark Side of Security

More Related Content

What's hot

Cyberextortion
CyberextortionCyberextortion
Cyberextortion
Salim Al Talie
 
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Active Defense - Helping threat actors hack themselves!BSides Cleveland: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
ThreatReel Podcast
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHyd
n|u - The Open Security Community
 
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case StudiesRSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
Wayne Huang
 
Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practice
Akash Mahajan
 
Exploring DarkWeb For Threat Intelligence (SACON May 2018)
Exploring DarkWeb For Threat Intelligence (SACON May 2018)Exploring DarkWeb For Threat Intelligence (SACON May 2018)
Exploring DarkWeb For Threat Intelligence (SACON May 2018)
Priyanka Aash
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
OISF Aniversary: Active Defense - Helping threat actors hack themselves!OISF Aniversary: Active Defense - Helping threat actors hack themselves!
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
ThreatReel Podcast
 
Security testing for web developers
Security testing for web developersSecurity testing for web developers
Security testing for web developers
matthewhughes
 
Pentester's Mindset! - Ravikumar Paghdal
Pentester's Mindset! - Ravikumar PaghdalPentester's Mindset! - Ravikumar Paghdal
Pentester's Mindset! - Ravikumar Paghdal
NSConclave
 
(SACON) Shomiron das gupta - threat hunting use cases
(SACON) Shomiron das gupta - threat hunting use cases(SACON) Shomiron das gupta - threat hunting use cases
(SACON) Shomiron das gupta - threat hunting use cases
Priyanka Aash
 
The rise of account takeover
The rise of account takeoverThe rise of account takeover
The rise of account takeover
4ndersonLin
 
The Quiet Rise of Account Takeover
The Quiet Rise of Account TakeoverThe Quiet Rise of Account Takeover
The Quiet Rise of Account Takeover
IMMUNIO
 
Mastering Next Gen SIEM Use Cases (Part 1)
Mastering Next Gen SIEM Use Cases (Part 1)Mastering Next Gen SIEM Use Cases (Part 1)
Mastering Next Gen SIEM Use Cases (Part 1)
DNIF
 
Identity theft: Developers are key - JavaZone17
Identity theft: Developers are key - JavaZone17Identity theft: Developers are key - JavaZone17
Identity theft: Developers are key - JavaZone17
Brian Vermeer
 
Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
Cyren, Inc
 
Identity Theft : Developers are key
Identity Theft : Developers are keyIdentity Theft : Developers are key
Identity Theft : Developers are key
Brian Vermeer
 
Identity theft jfall17
Identity theft jfall17Identity theft jfall17
Identity theft jfall17
Brian Vermeer
 
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
ThreatReel Podcast
 

What's hot (20)

Cyberextortion
CyberextortionCyberextortion
Cyberextortion
 
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Active Defense - Helping threat actors hack themselves!BSides Cleveland: Active Defense - Helping threat actors hack themselves!
BSides Cleveland: Active Defense - Helping threat actors hack themselves!
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHyd
 
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case StudiesRSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
RSA 2015 Bitcoin's Future Threats: Expert's Roundtable based on 150 Case Studies
 
Secure passwords-theory-and-practice
Secure passwords-theory-and-practiceSecure passwords-theory-and-practice
Secure passwords-theory-and-practice
 
Exploring DarkWeb For Threat Intelligence (SACON May 2018)
Exploring DarkWeb For Threat Intelligence (SACON May 2018)Exploring DarkWeb For Threat Intelligence (SACON May 2018)
Exploring DarkWeb For Threat Intelligence (SACON May 2018)
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
 
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
OISF Aniversary: Active Defense - Helping threat actors hack themselves!OISF Aniversary: Active Defense - Helping threat actors hack themselves!
OISF Aniversary: Active Defense - Helping threat actors hack themselves!
 
Security testing for web developers
Security testing for web developersSecurity testing for web developers
Security testing for web developers
 
Pentester's Mindset! - Ravikumar Paghdal
Pentester's Mindset! - Ravikumar PaghdalPentester's Mindset! - Ravikumar Paghdal
Pentester's Mindset! - Ravikumar Paghdal
 
(SACON) Shomiron das gupta - threat hunting use cases
(SACON) Shomiron das gupta - threat hunting use cases(SACON) Shomiron das gupta - threat hunting use cases
(SACON) Shomiron das gupta - threat hunting use cases
 
The rise of account takeover
The rise of account takeoverThe rise of account takeover
The rise of account takeover
 
The Quiet Rise of Account Takeover
The Quiet Rise of Account TakeoverThe Quiet Rise of Account Takeover
The Quiet Rise of Account Takeover
 
Mastering Next Gen SIEM Use Cases (Part 1)
Mastering Next Gen SIEM Use Cases (Part 1)Mastering Next Gen SIEM Use Cases (Part 1)
Mastering Next Gen SIEM Use Cases (Part 1)
 
Identity theft: Developers are key - JavaZone17
Identity theft: Developers are key - JavaZone17Identity theft: Developers are key - JavaZone17
Identity theft: Developers are key - JavaZone17
 
Webinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to knowWebinar: Is your web security broken? - 10 things you need to know
Webinar: Is your web security broken? - 10 things you need to know
 
Identity Theft : Developers are key
Identity Theft : Developers are keyIdentity Theft : Developers are key
Identity Theft : Developers are key
 
Identity theft jfall17
Identity theft jfall17Identity theft jfall17
Identity theft jfall17
 
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
NKU Cybersecurity Symposium: Active Defense - Helping threat actors hack them...
 

Similar to The life of breached data and the attack lifecycle

How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!
AVG Technologies AU
 
Make Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorMake Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your Favor
David Perkins
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Steve Poole
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
Steve Poole
 
The State of Credential Stuffing and the Future of Account Takeovers.
The State of Credential Stuffing and the Future of Account Takeovers.The State of Credential Stuffing and the Future of Account Takeovers.
The State of Credential Stuffing and the Future of Account Takeovers.
Jarrod Overson
 
Progscon cybercrime and the developer
Progscon cybercrime and the developerProgscon cybercrime and the developer
Progscon cybercrime and the developer
Steve Poole
 
Things that go bump on the web - Web Application Security
Things that go bump on the web - Web Application SecurityThings that go bump on the web - Web Application Security
Things that go bump on the web - Web Application Security
Christian Heilmann
 
How Credential Stuffing is Evolving - PasswordsCon 2019
How Credential Stuffing is Evolving - PasswordsCon 2019How Credential Stuffing is Evolving - PasswordsCon 2019
How Credential Stuffing is Evolving - PasswordsCon 2019
Jarrod Overson
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
John Bambenek
 
Zen and the art of Security Testing
Zen and the art of Security TestingZen and the art of Security Testing
Zen and the art of Security Testing
TEST Huddle
 
Beyond The Padlock: New Ideas in Browser Security UI
Beyond The Padlock: New Ideas in Browser Security UIBeyond The Padlock: New Ideas in Browser Security UI
Beyond The Padlock: New Ideas in Browser Security UI
mozilla.presentations
 
Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019
Kimberley Dray
 
A Look Into Cyber Security
A Look Into Cyber SecurityA Look Into Cyber Security
A Look Into Cyber Security
GTreasury
 
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
Nick Galbreath
 
The Immune System of Internet
The Immune System of InternetThe Immune System of Internet
The Immune System of Internet
Mohit Kanwar
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
Gabor Szathmari
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up book
Diego Souza
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
Lokender Yadav
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
Yury Chemerkin
 
Os Nightingale
Os NightingaleOs Nightingale
Os Nightingale
oscon2007
 

Similar to The life of breached data and the attack lifecycle (20)

How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!
 
Make Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your FavorMake Every Spin Count: Putting the Security Odds in Your Favor
Make Every Spin Count: Putting the Security Odds in Your Favor
 
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
Devnexus 2017 Cybercrime and the Developer: How do you make a difference?
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
 
The State of Credential Stuffing and the Future of Account Takeovers.
The State of Credential Stuffing and the Future of Account Takeovers.The State of Credential Stuffing and the Future of Account Takeovers.
The State of Credential Stuffing and the Future of Account Takeovers.
 
Progscon cybercrime and the developer
Progscon cybercrime and the developerProgscon cybercrime and the developer
Progscon cybercrime and the developer
 
Things that go bump on the web - Web Application Security
Things that go bump on the web - Web Application SecurityThings that go bump on the web - Web Application Security
Things that go bump on the web - Web Application Security
 
How Credential Stuffing is Evolving - PasswordsCon 2019
How Credential Stuffing is Evolving - PasswordsCon 2019How Credential Stuffing is Evolving - PasswordsCon 2019
How Credential Stuffing is Evolving - PasswordsCon 2019
 
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for DefenseSANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
SANSFIRE18: War Stories on Using Automated Threat Intelligence for Defense
 
Zen and the art of Security Testing
Zen and the art of Security TestingZen and the art of Security Testing
Zen and the art of Security Testing
 
Beyond The Padlock: New Ideas in Browser Security UI
Beyond The Padlock: New Ideas in Browser Security UIBeyond The Padlock: New Ideas in Browser Security UI
Beyond The Padlock: New Ideas in Browser Security UI
 
Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019Password and Account Management Strategies - April 2019
Password and Account Management Strategies - April 2019
 
A Look Into Cyber Security
A Look Into Cyber SecurityA Look Into Cyber Security
A Look Into Cyber Security
 
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
Fraud Engineering, from Merchant Risk Council Annual Meeting 2012
 
The Immune System of Internet
The Immune System of InternetThe Immune System of Internet
The Immune System of Internet
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up book
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
 
Why is password protection a fallacy a point of view
Why is password protection a fallacy a point of viewWhy is password protection a fallacy a point of view
Why is password protection a fallacy a point of view
 
Os Nightingale
Os NightingaleOs Nightingale
Os Nightingale
 

More from Jarrod Overson

Practical WebAssembly with Apex, wasmRS, and nanobus
Practical WebAssembly with Apex, wasmRS, and nanobusPractical WebAssembly with Apex, wasmRS, and nanobus
Practical WebAssembly with Apex, wasmRS, and nanobus
Jarrod Overson
 
AppSecCali - How Credential Stuffing is Evolving
AppSecCali - How Credential Stuffing is EvolvingAppSecCali - How Credential Stuffing is Evolving
AppSecCali - How Credential Stuffing is Evolving
Jarrod Overson
 
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
Jarrod Overson
 
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
Jarrod Overson
 
Deepfakes - How they work and what it means for the future
Deepfakes - How they work and what it means for the futureDeepfakes - How they work and what it means for the future
Deepfakes - How they work and what it means for the future
Jarrod Overson
 
How to Reverse Engineer Web Applications
How to Reverse Engineer Web ApplicationsHow to Reverse Engineer Web Applications
How to Reverse Engineer Web Applications
Jarrod Overson
 
Graphics Programming for Web Developers
Graphics Programming for Web DevelopersGraphics Programming for Web Developers
Graphics Programming for Web Developers
Jarrod Overson
 
JavaScript and the AST
JavaScript and the ASTJavaScript and the AST
JavaScript and the AST
Jarrod Overson
 
ES2015 workflows
ES2015 workflowsES2015 workflows
ES2015 workflows
Jarrod Overson
 
Maintainability SFJS Sept 4 2014
Maintainability SFJS Sept 4 2014 Maintainability SFJS Sept 4 2014
Maintainability SFJS Sept 4 2014
Jarrod Overson
 
Idiot proofing your code
Idiot proofing your codeIdiot proofing your code
Idiot proofing your code
Jarrod Overson
 
Riot on the web - Kenote @ QCon Sao Paulo 2014
Riot on the web - Kenote @ QCon Sao Paulo 2014Riot on the web - Kenote @ QCon Sao Paulo 2014
Riot on the web - Kenote @ QCon Sao Paulo 2014
Jarrod Overson
 
Managing JavaScript Complexity in Teams - Fluent
Managing JavaScript Complexity in Teams - FluentManaging JavaScript Complexity in Teams - Fluent
Managing JavaScript Complexity in Teams - Fluent
Jarrod Overson
 
Real World Web components
Real World Web componentsReal World Web components
Real World Web components
Jarrod Overson
 
Managing JavaScript Complexity
Managing JavaScript ComplexityManaging JavaScript Complexity
Managing JavaScript Complexity
Jarrod Overson
 
Continuous Delivery for the Web Platform
Continuous Delivery for the Web PlatformContinuous Delivery for the Web Platform
Continuous Delivery for the Web Platform
Jarrod Overson
 

More from Jarrod Overson (16)

Practical WebAssembly with Apex, wasmRS, and nanobus
Practical WebAssembly with Apex, wasmRS, and nanobusPractical WebAssembly with Apex, wasmRS, and nanobus
Practical WebAssembly with Apex, wasmRS, and nanobus
 
AppSecCali - How Credential Stuffing is Evolving
AppSecCali - How Credential Stuffing is EvolvingAppSecCali - How Credential Stuffing is Evolving
AppSecCali - How Credential Stuffing is Evolving
 
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
JSconf JP - Analysis of an exploited npm package. Event-stream's role in a su...
 
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
Analysis of an OSS supply chain attack - How did 8 millions developers downlo...
 
Deepfakes - How they work and what it means for the future
Deepfakes - How they work and what it means for the futureDeepfakes - How they work and what it means for the future
Deepfakes - How they work and what it means for the future
 
How to Reverse Engineer Web Applications
How to Reverse Engineer Web ApplicationsHow to Reverse Engineer Web Applications
How to Reverse Engineer Web Applications
 
Graphics Programming for Web Developers
Graphics Programming for Web DevelopersGraphics Programming for Web Developers
Graphics Programming for Web Developers
 
JavaScript and the AST
JavaScript and the ASTJavaScript and the AST
JavaScript and the AST
 
ES2015 workflows
ES2015 workflowsES2015 workflows
ES2015 workflows
 
Maintainability SFJS Sept 4 2014
Maintainability SFJS Sept 4 2014 Maintainability SFJS Sept 4 2014
Maintainability SFJS Sept 4 2014
 
Idiot proofing your code
Idiot proofing your codeIdiot proofing your code
Idiot proofing your code
 
Riot on the web - Kenote @ QCon Sao Paulo 2014
Riot on the web - Kenote @ QCon Sao Paulo 2014Riot on the web - Kenote @ QCon Sao Paulo 2014
Riot on the web - Kenote @ QCon Sao Paulo 2014
 
Managing JavaScript Complexity in Teams - Fluent
Managing JavaScript Complexity in Teams - FluentManaging JavaScript Complexity in Teams - Fluent
Managing JavaScript Complexity in Teams - Fluent
 
Real World Web components
Real World Web componentsReal World Web components
Real World Web components
 
Managing JavaScript Complexity
Managing JavaScript ComplexityManaging JavaScript Complexity
Managing JavaScript Complexity
 
Continuous Delivery for the Web Platform
Continuous Delivery for the Web PlatformContinuous Delivery for the Web Platform
Continuous Delivery for the Web Platform
 

Recently uploaded

Carrington degree offer diploma Transcript
Carrington degree offer diploma TranscriptCarrington degree offer diploma Transcript
Carrington degree offer diploma Transcript
ubufe
 
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
taqyea
 
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
taqyea
 
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
ffg01100
 
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsJarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
exgf28
 
very nice project on internet class 10.pptx
very nice project on internet class 10.pptxvery nice project on internet class 10.pptx
very nice project on internet class 10.pptx
bazukagaming6
 
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
taqyea
 
Future Trends What's Next for UI UX Design on Websites
Future Trends What's Next for UI UX Design on WebsitesFuture Trends What's Next for UI UX Design on Websites
Future Trends What's Next for UI UX Design on Websites
Serva AppLabs
 
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
taqyea
 
Book dating , international dating phgra
Book dating , international dating phgraBook dating , international dating phgra
Book dating , international dating phgra
thomaskurtha9
 
About Alibaba company and brief general information regarding how to trade on...
About Alibaba company and brief general information regarding how to trade on...About Alibaba company and brief general information regarding how to trade on...
About Alibaba company and brief general information regarding how to trade on...
Erkinjon Erkinov
 
一比一原版(aber毕业证)亚伯大学毕业证如何办理
一比一原版(aber毕业证)亚伯大学毕业证如何办理一比一原版(aber毕业证)亚伯大学毕业证如何办理
一比一原版(aber毕业证)亚伯大学毕业证如何办理
taqyea
 
PSD to Wordpress Service Providers in 2024
PSD to Wordpress Service Providers in 2024PSD to Wordpress Service Providers in 2024
PSD to Wordpress Service Providers in 2024
Bestdesign2hub
 
Common Challenges in UI UX Design and How Services Can Help.pdf
Common Challenges in UI UX Design and How Services Can Help.pdfCommon Challenges in UI UX Design and How Services Can Help.pdf
Common Challenges in UI UX Design and How Services Can Help.pdf
Serva AppLabs
 
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
taqyea
 
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
taqyea
 
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理
taqyea
 
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
taqyea
 
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
ffg01100
 
How to Choose the Right UIUX Design Service for Optimal Customer Experience
How to Choose the Right UIUX Design Service for Optimal Customer ExperienceHow to Choose the Right UIUX Design Service for Optimal Customer Experience
How to Choose the Right UIUX Design Service for Optimal Customer Experience
Serva AppLabs
 

Recently uploaded (20)

Carrington degree offer diploma Transcript
Carrington degree offer diploma TranscriptCarrington degree offer diploma Transcript
Carrington degree offer diploma Transcript
 
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
一比一原版(brunel毕业证书)英国布鲁内尔大学毕业证如何办理
 
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
一比一原版(kcl毕业证书)英国伦敦国王学院毕业证如何办理
 
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
202254.com免费观看《长相思第二季》免费观看高清,长相思第二季线上看,《长相思第二季》最新电视剧在线观看,杨紫最新电视剧
 
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirtsJarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
Jarren Duran Fuck EM T shirts Jarren Duran Fuck EM T shirts
 
very nice project on internet class 10.pptx
very nice project on internet class 10.pptxvery nice project on internet class 10.pptx
very nice project on internet class 10.pptx
 
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
一比一原版(greenwich毕业证书)英国格林威治大学毕业证如何办理
 
Future Trends What's Next for UI UX Design on Websites
Future Trends What's Next for UI UX Design on WebsitesFuture Trends What's Next for UI UX Design on Websites
Future Trends What's Next for UI UX Design on Websites
 
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
一比一原版(爱大毕业证书)英国爱丁堡大学毕业证如何办理
 
Book dating , international dating phgra
Book dating , international dating phgraBook dating , international dating phgra
Book dating , international dating phgra
 
About Alibaba company and brief general information regarding how to trade on...
About Alibaba company and brief general information regarding how to trade on...About Alibaba company and brief general information regarding how to trade on...
About Alibaba company and brief general information regarding how to trade on...
 
一比一原版(aber毕业证)亚伯大学毕业证如何办理
一比一原版(aber毕业证)亚伯大学毕业证如何办理一比一原版(aber毕业证)亚伯大学毕业证如何办理
一比一原版(aber毕业证)亚伯大学毕业证如何办理
 
PSD to Wordpress Service Providers in 2024
PSD to Wordpress Service Providers in 2024PSD to Wordpress Service Providers in 2024
PSD to Wordpress Service Providers in 2024
 
Common Challenges in UI UX Design and How Services Can Help.pdf
Common Challenges in UI UX Design and How Services Can Help.pdfCommon Challenges in UI UX Design and How Services Can Help.pdf
Common Challenges in UI UX Design and How Services Can Help.pdf
 
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
一比一原版(city毕业证书)英国剑桥大学毕业证如何办理
 
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
一比一原版(ubc毕业证书)英属哥伦比亚大学毕业证如何办理
 
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理一比一原版(oregon毕业证书)俄勒冈大学毕业证如��办理
一比一原版(oregon毕业证书)俄勒冈大学毕业证如何办理
 
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
一比一原版(hull毕业证书)英国赫尔大学毕业证如何办理
 
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
202254.com全网最高清影视香蕉影视,热门电影推荐,热门电视剧在线观看,免费电影,电影在线,在线观看。球华人在线電視劇,免费点播,免费提供最新高清的...
 
How to Choose the Right UIUX Design Service for Optimal Customer Experience
How to Choose the Right UIUX Design Service for Optimal Customer ExperienceHow to Choose the Right UIUX Design Service for Optimal Customer Experience
How to Choose the Right UIUX Design Service for Optimal Customer Experience
 

The life of breached data and the attack lifecycle