marighost@piefed.social to linuxmemes@lemmy.worldEnglish · 3 days agooc gosh i hope the reference hitsmedia.piefed.socialimagemessage-square56fedilinkarrow-up1556arrow-down19file-text
arrow-up1547arrow-down1imageoc gosh i hope the reference hitsmedia.piefed.socialmarighost@piefed.social to linuxmemes@lemmy.worldEnglish · 3 days agomessage-square56fedilinkfile-text
minus-squaresynae[he/him]@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up79arrow-down1·3 days agowhenever someone at work says they have trouble with a web service or api I’m like “Idk I can curl it just fine, what’s your request look like” and you would not believe how many developers get confused by this question. It’s so goddamn frustrating
minus-squarefunkajunk@lemmy.worldlinkfedilinkarrow-up31·3 days agoThey know how to use Postman and that is it.
minus-squarebcovertigo@lemmy.worldlinkfedilinkEnglisharrow-up42·3 days agoHey that’s not fair, plenty of them also know how to upload hardcoded secrets to postman.
minus-squaresynae[he/him]@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up25·edit-23 days agoMake sure to save all your secrets in git and then upload from git to postman, that way your security incident is way more repeatable
minus-squareluciferofastora@feddit.orglinkfedilinkarrow-up4·2 days agoUPTaaS: Unsolicited Penetration Tests as a Service
whenever someone at work says they have trouble with a web service or api I’m like “Idk I can curl it just fine, what’s your request look like” and you would not believe how many developers get confused by this question. It’s so goddamn frustrating
They know how to use Postman and that is it.
Hey that’s not fair, plenty of them also know how to upload hardcoded secrets to postman.
Make sure to save all your secrets in git and then upload from git to postman, that way your security incident is way more repeatable
Security compromise as code.
UPTaaS: Unsolicited Penetration Tests as a Service