Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings

GitLab / Secure: Brown Bags

Add meeting Rate page Subscribe

GitLab / Secure: Brown Bags

These are all the meetings we have in "Secure: Brown Bags" (part of the organization "GitLab"). Click into individual meeting pages to watch the recording and search or read the transcript.

16 Jun 2021
Presenter: Nicole Schwartz

Slides: https://docs.google.com/presentation/d/1hZAVqMY8btQtpG0nc90WTolJ1AVVZoDsFluz4MMHfXY/edit#slide=id.g29a70c6c35_0_68
  • 1 participant
  • 14 minutes
threats
threat
modeling
protecting
risk
cautious
hacking
stalkers
advanced
gdpr
youtube image

3 Sep 2020
This is the recording of a BrownBag presentation on introducing generic security reports in GitLab. https://gitlab.com/gitlab-org/secure/brown-bag-sessions/-/issues/35
  • 7 participants
  • 1:06 hours
security
generic
discussion
analyzers
capabilities
concern
scanners
vulnerability
threat
proposal
youtube image

28 Jul 2020
This is a BrownBag Session (https://gitlab.com/gitlab-org/secure/brown-bag-sessions/-/issues/33) about creating a snapshot-based, feedback-guided fuzzer that uses perf events for feedback. Project with example code: https://gitlab.com/gitlab-org/vulnerability-research/kb/presentations/creating_a_snapshot_feedback_guided_fuzzer
  • 2 participants
  • 57 minutes
debugging
fuzzer
debugger
buzzing
gitlab
bugs
jitter
triggering
tools
process
youtube image

21 Jul 2020
This BrownBag session discusses problems and solutions for deriving fuzzing harnesses from existing unit tests.

BrownBag issue: https://gitlab.com/gitlab-org/secure/brown-bag-sessions/-/issues/28
  • 2 participants
  • 33 minutes
fuzzer
fuzzing
fuzz
process
problems
bugs
programming
brown
testing
gitlab
youtube image

29 Jun 2020
This is a BrownBag session (https://gitlab.com/gitlab-org/secure/brown-bag-sessions/-/issues/29) on setting up fuzzing on gitlab-runner and the .gitlab-ci.yml parser found in GitLab
  • 4 participants
  • 44 minutes
fuzzer
fuzzing
fuzz
fuzzers
bug
handled
workflow
mutating
validation
vulnerability
youtube image

17 Jun 2020
00:18 AST market
02:50 SAST, spell checker, identify by patterns
04:13 secret detection, API keys
04:46 DAST, deployed code
06:37 dependency scanning
08:04 container scanning
09:15 licence compliance
09:47 Fuzzing , business logic flaws
18:00 SAST, false positive, pattern matcher, spell checker
22:52 IAST
25:16 it sucks to set up fuzzing currently in most cases
33:10 fuzzers, logical flows, API's [...], SAST, DAST, heartbleed
  • 6 participants
  • 51 minutes
security
ast
testers
deploying
scrutiny
advanced
sca
defend
briefings
services
youtube image

11 Jun 2020
This is the recording of a brown bag presentation on discussing developing with Docker at GitLab.

https://gitlab.com/gitlab-org/secure/brown-bag-sessions/-/issues/25
  • 2 participants
  • 48 minutes
docker
docket
understanding
tooling
user
manages
summary
shim
doctor
upstream
youtube image

10 Jun 2020
No description provided.
  • 4 participants
  • 1:09 hours
versioning
semantic
version
specification
versions
patch
intermediate
updates
meta
subversion
youtube image

20 May 2020
No description provided.
  • 2 participants
  • 48 minutes
templates
versioning
cutters
cookiecutter
project
tools
making
configuring
guidelines
workflow
youtube image

1 May 2020
Talk through how to do Window development for GitLab with google compute platform.

The agenda of the video follows:

- Current state of Windows on GitLab CI/CD
- GCP Windows Image for Development
- Demo: How to use a Windows image on GCP
- Windows Developer Tips
  • 4 participants
  • 37 minutes
microsoft
gitlab
vmware
linux
discussion
cloud
google
configure
project
docker
youtube image

11 Mar 2020
A presentation about symbolic/concolic execution engines, existing tools, and their applications.
  • 4 participants
  • 1:02 hours
execution
symbolic
symbolically
implementation
executing
function
operations
analyzed
instructions
emulating
youtube image