We already have many of the climate solutions we need. But scaling them is hard. The Green Blueprint is a show about the people who are architecting the clean economy. Every other week, host Lara Pierpoint profiles the founders, investors, and organizational leaders who are solving complex challenges in the quest to build climate technologies fast.
…
continue reading
תוכן מסופק על ידי Olaf Kock. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Olaf Kock או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לRadio Liferay
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Decoder is a show from The Verge about big ideas — and other problems. Verge editor-in-chief Nilay Patel talks to a diverse cast of innovators and policymakers at the frontiers of business and technology to reveal how they’re navigating an ever-changing landscape, what keeps them up at night, and what it all means for our shared future.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
.NET Rocks! is an Internet Audio Talk Show for Microsoft .NET Developers.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
RL049 Security with Tomáš Polešovský
Manage episode 153326124 series 1088293
תוכן מסופק על ידי Olaf Kock. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Olaf Kock או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
It's been a long time and finally... Radio Liferay is back with several episodes in the queue. Today, Tomáš Polešovský starts of by talking about Liferay's security team and -procedures as well as his work within that team. Tom has already been a guest on Radio Liferay's ancient episode 9
Here are some of the topics that we talked about:
- The glorious glamorous days one has on the security team (consisting mostly of email, tickets, pullrequests)
- Different ways to make Liferay more secure
- Gathering feedback from community and customers
- Monitoring Liferay Forums and full disclosure mailing lists (also about the various libraries that are used in Liferay)
- Scan source code for problems
- Liferay cooperates with external security researchers for penetration testing
- Customers perform external audits as well.
- An example of an actual audit report: 49 very alarming false positives vs. 1 real cornercase
- The security issue fixing process
- The first security episode with Sam Kong
- Link to community security update page. CE updates always only against the latest GA version
- Some low hanging fruits in secure Liferay administration (on the fly)
- Disable "create new accounts" if you don't want random users to create new accounts (e.g. in an intranet)
- JSONWS access
- Disable Control Panel, add "My Account" to user's personal pages instead
- The securing Liferay series and "additional Resources" here
- What will happen with Liferay 7?
- OAuth, and the related Radio Liferay episode 44 with Stian
- SQRL (disclaimer: I misled Tom by mispronouncing this library - he's aware, but there's no implementation - yet - for Liferay)
72 פרקים
שתפו
Manage episode 153326124 series 1088293
תוכן מסופק על ידי Olaf Kock. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Olaf Kock או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
It's been a long time and finally... Radio Liferay is back with several episodes in the queue. Today, Tomáš Polešovský starts of by talking about Liferay's security team and -procedures as well as his work within that team. Tom has already been a guest on Radio Liferay's ancient episode 9
Here are some of the topics that we talked about:
- The glorious glamorous days one has on the security team (consisting mostly of email, tickets, pullrequests)
- Different ways to make Liferay more secure
- Gathering feedback from community and customers
- Monitoring Liferay Forums and full disclosure mailing lists (also about the various libraries that are used in Liferay)
- Scan source code for problems
- Liferay cooperates with external security researchers for penetration testing
- Customers perform external audits as well.
- An example of an actual audit report: 49 very alarming false positives vs. 1 real cornercase
- The security issue fixing process
- The first security episode with Sam Kong
- Link to community security update page. CE updates always only against the latest GA version
- Some low hanging fruits in secure Liferay administration (on the fly)
- Disable "create new accounts" if you don't want random users to create new accounts (e.g. in an intranet)
- JSONWS access
- Disable Control Panel, add "My Account" to user's personal pages instead
- The securing Liferay series and "additional Resources" here
- What will happen with Liferay 7?
- OAuth, and the related Radio Liferay episode 44 with Stian
- SQRL (disclaimer: I misled Tom by mispronouncing this library - he's aware, but there's no implementation - yet - for Liferay)
72 פרקים
Semua episode
×
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לRadio Liferay
We already have many of the climate solutions we need. But scaling them is hard. The Green Blueprint is a show about the people who are architecting the clean economy. Every other week, host Lara Pierpoint profiles the founders, investors, and organizational leaders who are solving complex challenges in the quest to build climate technologies fast.
…
continue reading
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Decoder is a show from The Verge about big ideas — and other problems. Verge editor-in-chief Nilay Patel talks to a diverse cast of innovators and policymakers at the frontiers of business and technology to reveal how they’re navigating an ever-changing landscape, what keeps them up at night, and what it all means for our shared future.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
WSJ’s Bold Names brings you conversations with the leaders of the bold-named companies featured in the pages of The Wall Street Journal. Hosts Tim Higgins and Christopher Mims speak to CEOs and business leaders in interviews that challenge conventional wisdom and take you inside the decisions being made in the C-suite and beyond.
…
continue reading
.NET Rocks! is an Internet Audio Talk Show for Microsoft .NET Developers.
…
continue reading
Embedded is the show for people who love gadgets. Making them, breaking them, and everything in between. Weekly interviews with engineers, educators, and enthusiasts. Find the show, blog, and more at embedded.fm.
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
