PLAY PODCASTS
You Are Eye: Why Understanding URIs is Critical to Security with Michael Hendrickx
Season 1 · Episode 8

You Are Eye: Why Understanding URIs is Critical to Security with Michael Hendrickx

<p>Michael Hendrickx, Principal Security Engineering Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Michael works in Azure security at Microsoft and leads a team focused on conducting penetration tests on Azure services. The team draws inspiration from the bug bounty community and external sources, leveraging their insights and findings for their research. Michael also discusses the curiosity and exploration mindset needed for both engineers and researchers when it comes to investigating and discovering security vulnerabilities, how developers can effectively protect sensitive data transmitted over insecure networks, and the potential risks and challenges associated with third-party integrations in web applications. </p><br><p><strong>In This Episode You Will Learn</strong>:   </p><p><br></p><ul><li>Server-side request forgery and its importance in the context of security</li><li>Potential security vulnerabilities associated with different parts of a URI</li><li>Importance of collaboration, knowledge sharing, and investigation among developers</li></ul><p><br></p><p><strong>Some Questions We Ask:</strong>   </p><p><br></p><ul><li>What is the focus and target audience for "Shift Left?" </li><li>Should researchers engage in URL manipulation to identify potential vulnerabilities?</li><li>What security vulnerabilities should developers be aware of when designing web applications?</li></ul><p><br></p><br><p><strong>Resources:</strong>  </p><p><a href="https://www.linkedin.com/in/ndrix/" rel="noopener noreferrer" target="_blank">View Michael Hendrickx on LinkedIn</a></p><p><a href="https://www.linkedin.com/in/wendyzenone/" rel="noopener noreferrer" target="_blank">View Wendy Zenone on LinkedIn</a></p><p><a href="https://www.linkedin.com/in/nicfill/" rel="noopener noreferrer" target="_blank">View Nic Fillingham on LinkedIn</a></p><br><p><br></p><p>Discover and follow other Microsoft podcasts at<a href="https://news.microsoft.com/podcasts/" rel="noopener noreferrer" target="_blank"> microsoft.com/podcasts</a> </p><br /><hr><p style='color:grey; font-size:0.75em;'> Hosted on Acast. See <a style='color:grey;' target='_blank' rel='noopener noreferrer' href='https://acast.com/privacy'>acast.com/privacy</a> for more information.</p>

The BlueHat Podcast · Microsoft

July 26, 202334m 31s

Audio is streamed directly from the publisher (traffic.megaphone.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Michael Hendrickx, Principal Security Engineering Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Michael works in Azure security at Microsoft and leads a team focused on conducting penetration tests on Azure services. The team draws inspiration from the bug bounty community and external sources, leveraging their insights and findings for their research. Michael also discusses the curiosity and exploration mindset needed for both engineers and researchers when it comes to investigating and discovering security vulnerabilities, how developers can effectively protect sensitive data transmitted over insecure networks, and the potential risks and challenges associated with third-party integrations in web applications. 


In This Episode You Will Learn:   


  • Server-side request forgery and its importance in the context of security
  • Potential security vulnerabilities associated with different parts of a URI
  • Importance of collaboration, knowledge sharing, and investigation among developers


Some Questions We Ask:   


  • What is the focus and target audience for "Shift Left?" 
  • Should researchers engage in URL manipulation to identify potential vulnerabilities?
  • What security vulnerabilities should developers be aware of when designing web applications?



Resources:  

View Michael Hendrickx on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn



Discover and follow other Microsoft podcasts at microsoft.com/podcasts


Hosted on Acast. See acast.com/privacy for more information.

← All episodes of The BlueHat Podcast