Join Joel Maupin as he discusses his view of the pros and cons of ORMs. ORMs, or Object-Relational Mapping tools, are a class of tools that empower a programmer to easily work with the structures of a relational database as objects in code. As we all know, "with great power comes great responsibility", and these tools are not immune to the leaky abstraction problem.
PUBLICATION PERMISSIONS: Original video was published with the Creative Commons Attribution license (reuse allowed). Link: https://www.youtube.com/watch?v=0n8joKctyF0 https://www.youtube.com/watch?v=3EvhK7-DlZA
Self-Healing Tests is an approach in which machine learning helps with the maintenance of automated tests. Self-Healing, the automation of test automation, recognizes changes in the "system under test" and automatically adapts the test execution so that the tests remain functional. Commercial tools like TestIM and Tricentis Neo Engine are promising and focused on this area in good time. But there are also promising open source alternatives such as Healenium. This talk explains the pros and cons of self-healing tests and shows the implementation with the open source library Healenium using a concrete example.
PUBLICATION PERMISSIONS: Original video was published with the Creative Commons Attribution license (reuse allowed). Link: https://www.youtube.com/watch?v=Cct4TXkRfQg https://www.youtube.com/watch?v=bUhuqgOTXYM
We tend to think of AppSec and IoT as two separate infosec disciplines. Sure, the domain knowledge, attack vectors, and threat mitigation are not exactly the same in those two worlds. At the same time, as the hardware continues to evolve, we see more and more tiny general purpose computers around us. Many of these tiny computers nowadays run software that is written in a conventional programming language, listen on network ports, process data inputs, and communicate with the outside world. These devices can be attacked just like any other application running on a desktop, on a server, or in the cloud. In this talk, I am going to tell you a story about my hacking journey that unexpectedly took me from device configuration settings to software reverse engineering, vulnerability discovery, and six new CVEs. Together, we’ll go step by step through reconnaissance, firmware analysis, decompiling, code review, and remote debugging. I’ll also share my experience with the responsible disclosure process. I hope this talk inspires you to apply your general hacking skills to new areas such as IoT, even if you’ve never done that before.
PUBLICATION PERMISSIONS: Original video was published with the Creative Commons Attribution license (reuse allowed). Link: https://www.youtube.com/watch?v=P6dI2IFI340 https://www.youtube.com/watch?v=-giIge7Z7l0