Pedro Fortuna
@pedrofortuna
Followers
797
Following
1K
Media
116
Statuses
1K
Co-Founder & CTO @Jscrambler | AppSec Speaker | OWASP Lisboa chapter leader | PCI SSC BoA
San Francisco, CA
Joined April 2009
How much are you telling about yourself to your go-to LLM? To avoid creating a huge problem in the future, always add "asking for a friend".
0
0
0
Thank God I type using all my fingers (well, one less now)
0
0
0
RT @Jscrambler: Exciting last day at PCI SSC Europe Community Meeting β³β¨πͺπΈ. β° Today at 4:10 PM - Panel: Stronger Together β The Value of Pβ¦.
0
2
0
"Zero Dependency JavaScript is the Future?" via @liran_tal .We need a better way to identify that 2 npm packages are semantically equivalent. Perhaps some sort of typescript interface-only packages and then have other pkgs declare that they implement them.
lirantal.com
The rise of zero dependency JavaScript with packages like `neotraverse` and the controversy around the `axobject-query` package demonstrate the different perspectives and trade-offs that developers...
0
3
3
Sounds like a good deal, in case you have $500k to spare.
Here's a deal for you: .1) you buy $500k worth of BTC and hold it for 5 years .2) You spend 1 week a year in π΅πΉ .3) You do an easy Portuguese proficiency test. Congratulations! You are now a fellow Portuguese Citizen and holder of an European Passport! π΅πΉπ.
0
0
0
4/ If you are as unsettled by the incident as I am, please give it a read and let me know your thoughts π.
0
0
0
3/ I highlight several key points in the article, but if I had to choose one, it would be treating every software update in your supply chain as a production change that requires thorough testing before rollout.
1
0
0
2/ I wanted to explore what companies could have done better and what behaviors and practices need to change to reduce their exposure to supply chain failures.
1
0
0
1/ Yesterdayβs #CrowdStrike incident prompted a lot of reflection, which I feel compelled to share in this article. While much of the upcoming discussion will likely focus on CrowdStrikeβs failures, I wanted to explore a different angle.
linkedin.com
The CrowdStrike incident, as far as we know, was an accident, not an attack. A software update became corrupted and was shipped, resulting in the automatic update of thousands of windows servers and...
2
0
0
This isn't just another description of the #polyfill incident. It's a reflection on what happened and a discussion on how we can defend against these types of attacks in the future . @jasvir.
Jscrambler's Co-Founder & CTO Pedro Fortuna and our Security Advisor Jasvir Nagra dive deep into the Polyfill Incident while unpacking the critical lessons learned π». Read it now at Cybersecurity Insiders π΅οΈββοΈ.
0
1
2
I had the privilege to present at @owasp on Defunct Domains as a novel Web Supply Chain attack vector. Watch the talk here: Also, try our free tool to monitor your URLs for Defunct Domains: Feedback welcome!.
0
2
1
Wonderful closing keynote from @DinisCruz at @owasp always on time despite the 500 slides.#globalappseclisbon24 #appseclisbon #owasp
0
1
9
π Iβll be speaking at #OWASP Global AppSec Lisbon 2024 next Friday! Join me for βDawn of the Dead - The Tale of the Resurrected Domainsβ. Discover vulns in third-party dependencies and how we neutralized over 1,000 compromised sites. See you there!.
1
0
5
RT @owaspporto: Excited for this week's OWASP Porto #meetup! Big thanks to @FinTrU for hosting & sponsoring drinks and dinner. π€ Join #appsβ¦.
0
1
0
RT @owasplisboa: Excited for tomorrow's OWASP Lisboa #meetup! Big thanks to @SpringerNature for hosting & sponsoring. π€ Join #appsec pros fβ¦.
0
1
0
π£ Welcome @jhejderup to Portugal! π΅πΉ Excited to have him speak at #OWASPLisboa on May 28th and #OWASPPorto on May 29th. Don't miss his insights on Software Dependencies! ππ». RSVP Lisboa: Porto:
meetup.com
Find Meetup events so you can do more of what matters to you. Or create your own group and meet people near you who share your interests.
π£ Thrilled to announce @jhejderup as our 2nd speaker for the next #OWASPLisboa meetup! Join us on May 28th for "Harnessing Reachability Analysis to Discern Real Threats in Software Dependencies" ππ». Don't miss out! RSVP now π
0
0
1
Looking forward to @0x_rcss insights!.
π£ Excited to announce @0x_rcss as our 1st speaker for the next #OWASPPorto meetup! Dive into "From Theory to Practice: Navigating the Challenges of Vulnerability Research" and uncover key insights on web security. ππ. Don't miss out! RSVP now π
0
0
1
Go @tmendo πͺ.
π£ Excited to announce @tmendo as our 1st speaker for the next #OWASPLisboa meetup! Join us on May 28th to explore "Technical Challenges of Security Scanning in CI/CD" and learn how to enhance security in your pipeline. ππ». Don't miss out! RSVP now π .
0
0
1
RT @cyberdefensemag: Exciting news! @Jscrambler is named a winner at the 12th Annual Global Infosec Awards 2024! Keep striving, keep innovaβ¦.
0
3
0
The force is strong at Jscrambler!.
π Happy Star Wars Day! π May the 4th be with you!. At Jscrambler, we're not just fans, we're Jedi-level enthusiasts! Our passion for Star Wars runs so deep that some meeting rooms in our office are Star Wars-themed π€ β¨ π. #StarWarsDay #MayThe4th #Jscrambler #StarWars
0
0
2