marighost@piefed.social to linuxmemes@lemmy.worldEnglish · 2 months agooc gosh i hope the reference hitsmedia.piefed.socialimagemessage-square56fedilinkarrow-up1570arrow-down110file-text
arrow-up1560arrow-down1imageoc gosh i hope the reference hitsmedia.piefed.socialmarighost@piefed.social to linuxmemes@lemmy.worldEnglish · 2 months agomessage-square56fedilinkfile-text
minus-squaresynae[he/him]@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up82arrow-down1·2 months agowhenever someone at work says they have trouble with a web service or api I’m like “Idk I can curl it just fine, what’s your request look like” and you would not believe how many developers get confused by this question. It’s so goddamn frustrating
minus-squarefunkajunk 🇨🇦@lemmy.worldlinkfedilinkarrow-up32·2 months agoThey know how to use Postman and that is it.
minus-squarebcovertigo@lemmy.worldlinkfedilinkEnglisharrow-up44·2 months agoHey that’s not fair, plenty of them also know how to upload hardcoded secrets to postman.
minus-squaresynae[he/him]@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up27·edit-22 months agoMake sure to save all your secrets in git and then upload from git to postman, that way your security incident is way more repeatable
minus-squareluciferofastora@feddit.orglinkfedilinkarrow-up5·2 months agoUPTaaS: Unsolicited Penetration Tests as a Service
whenever someone at work says they have trouble with a web service or api I’m like “Idk I can curl it just fine, what’s your request look like” and you would not believe how many developers get confused by this question. It’s so goddamn frustrating
They know how to use Postman and that is it.
Hey that’s not fair, plenty of them also know how to upload hardcoded secrets to postman.
Make sure to save all your secrets in git and then upload from git to postman, that way your security incident is way more repeatable
Security compromise as code.
UPTaaS: Unsolicited Penetration Tests as a Service