1. Builders vs Breakers
Saturday, June 1, 13

2. Hi, I’m Adam
Saturday, June 1, 13

3. Hi, I’m Adam
@adam_baldwin
@liftsecurity
@nodesecurity
Saturday, June 1, 13

4. Hi, I’m Adam
@evilpacket
Saturday, June 1, 13

5. Saturday, June 1, 13

6. Saturday, June 1, 13

7. Builders Breakers
Saturday, June 1, 13

8. Builders Breakers
Saturday, June 1, 13

9. “Fix your captcha so the value isn't actually
hidden in the form. (put it in the session and
check the post) Friend of the fritz..”
-Adam
Saturday, June 1, 13

10. Saturday, June 1, 13

11. “you guys”
Saturday, June 1, 13

12. Basecamp Classic
Saturday, June 1, 13

13. “xss is not a feature”
Saturday, June 1, 13

14. Feelings?
Saturday, June 1, 13

15. Saturday, June 1, 13

16. Saturday, June 1, 13

17. Saturday, June 1, 13

18. Saturday, June 1, 13

19. Saturday, June 1, 13

20. Cooperation
Saturday, June 1, 13

21. Communication
Saturday, June 1, 13

22. When we listen, really listen, we reveal respect, support,
understanding, empathy... We also possess the power to impart
a renewed confidence, clarity, and a sense of everything-is-
going-to-be-okay when we listen well.
- Stephanie Maier
http://thepot-luck.com/stephaniemaier/all-you-have-to-do-is-listen/
Saturday, June 1, 13

23. Basecamp Classic
Saturday, June 1, 13

24. http://37signals.com/security-response
Saturday, June 1, 13

25. http://37signals.com/security-response
Saturday, June 1, 13

26. http://37signals.com/security-response
Saturday, June 1, 13

27. So what can I do
as a developer?
Saturday, June 1, 13

28. SECURITY.md
#How to report issue
#Expectations
#List of humans
Saturday, June 1, 13

29. http://emberjs.com/security/
Saturday, June 1, 13

30. Self Disclosure
of
Vulnerabilities
Saturday, June 1, 13

31. Handling a security failure
well can build trust.
Saturday, June 1, 13

32. A new project based
on what we’ve learned
about
builders vs breakers
Saturday, June 1, 13

33. Node Security Project
Saturday, June 1, 13

34. andbang.com
Saturday, June 1, 13

35. Node Security Project?
Saturday, June 1, 13

36. Adam Brault
Nathan LaFreniere
Bear
Mikeal Rogers
Daniel Shaw
Major Contributors
Neal Poole
Luca Carettoni
Steven Rivas Jr
Arlo Breault
Jacopo Tarantino
Saturday, June 1, 13

37. Audit every module
Saturday, June 1, 13

38. 31233
modules
Saturday, June 1, 13

39. Fix the broken things
Saturday, June 1, 13

40. Report Issues we find
Saturday, June 1, 13

41. Send Pull Requests
Saturday, June 1, 13

42. Example: Hubot
Saturday, June 1, 13

43. Saturday, June 1, 13

44. Saturday, June 1, 13

45. Saturday, June 1, 13

46. Publish the results
Saturday, June 1, 13

47. Saturday, June 1, 13

48. How to Contribute
Saturday, June 1, 13

49. nodesecurity.io
Saturday, June 1, 13

50. - Respect & understand feelings
- Proactively communicate & listen
- It’s okay to mess up—it can even build
trust
Quick Recap
Saturday, June 1, 13

51. </PRESENTATION>
@adam_baldwin | @LiftSecurity
Saturday, June 1, 13