You Are Eye: Why Understanding URIs is Critical to Security with Michael Hendrickx

Michael Hendrickx, Principal Security Engineering Manager at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Michael works in Azure security at Microsoft and leads a team focused on conducting penetration tests on Azure services. The team draws inspiration from the bug bounty community and external sources, leveraging their insights and findings for their research. Michael also discusses the curiosity and exploration mindset needed for both engineers and researchers when it comes to investigating and discovering security vulnerabilities, how developers can effectively protect sensitive data transmitted over insecure networks, and the potential risks and challenges associated with third-party integrations in web applications. 

In This Episode You Will Learn:   

• Server-side request forgery and its importance in the context of security
• Potential security vulnerabilities associated with different parts of a URI
• Importance of collaboration, knowledge sharing, and investigation among developers

Some Questions We Ask:   

• What is the focus and target audience for "Shift Left?" 
• Should researchers engage in URL manipulation to identify potential vulnerabilities?
• What security vulnerabilities should developers be aware of when designing web applications?

Resources:  

View Michael Hendrickx on LinkedIn

View Wendy Zenone on LinkedIn

View Nic Fillingham on LinkedIn

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Hosted on Acast. See acast.com/privacy for more information.