45: SSO, Open ID, & Anvil Connect

Identity is the missing link that connects all your users, apps, services, and devices to each other and the rest of the world. Christian Smith (@anvilhacks) is founder of Anvil Research (@AnvilResearch) and the creator of Anvil Connect, an open source authorization server built with Node.js to authenticate your users and protect your APIs.


Anvil Connect simplifies security when you have many apps and services to integrate. It acts as a broker between your apps, APIs, and a long list of OAuth providers like Google, Facebook, Twitter, and GitHub. The server works with apps written in any programming language that speaks HTTP. The code is MIT licensed and implements open standards like OAuth 2.0, OpenID Connect, and JSON Web Tokens.



Direct download: episode-45_sso-openid-and-anvil-connect.mp3
Category:security -- posted at: 10:30am EDT

44: Organizing & Speaking at Developer Events

It can be overwhelming and, in some cases, downright scary to speak at events for many developers. Aaron Frost, co-organizer of ng-conf & Google Developer Expert, (@js_dev) talks with us about his experiences, mistakes, and triumphs while speaking at developer events as well as organizing them.



Direct download: episode-44_organizing-and-speaking-developer-events.mp3
Category:community -- posted at: 2:31pm EDT

43: Modern JavaScript with ES6 & ES7


The world of JavaScript is a large one. AJ O’Neal (@coolAJ86), Podcaster & JavaScript Developer along with Netflix UI Architect & TC-39 Member, Jafar Husain (@jhusain) take us through opinions & facts about the state of the ubiquitous JavaScript language. Modern application development can daunting for developers just coming into web technology & JavaScript. Utilizing the latest & greatest in the language is not as easy as one might think and in some case it may be possible.


Then there are the transpilers & package managers. So many tools to polyfill or shim and features seems like more work than we’d want for a fast production project. Is it worth utilizing the benefits of ES6 & ES7? AJ & Jafar share with us what they think.




Direct download: episode-43_modern-javascript-with-es6-and-es7.mp3
Category:JavaScript -- posted at: 3:31pm EDT

42: Human Hacking & Social Engineering

What is Social Engineering (SE) and why should developers care? It is the ability to manipulate. It is the power to influence, elicit, and misdirect. It is a means hackers can use, for better or worse, to breach or protect companies, start or stop cyber wars, commit or prevent cyber crimes, and steal or secure your data.


Social Engineer, hacker, & author Chris Hadnagy (@humanhacker) discusses the dangers technology companies & developers are exposed to everyday. Social Engineering has become an art form. It can be used to help or hinder others. Those that help prevent SE attacks like Chris are known as White Hats. Those that seek to harm and take from others with malicious intent are known as Black Hats.


To Black Hats, we are just obstacles standing in the way of their goals. These individuals will do whatever they must to get us to reveal our secrets. Most times we even do this willingly, without ever realizing we have been hacked until it’s too late. Seemingly trivial information to us may just be the last crucial piece of information a Black Hat needs.


All the firewalls & countermeasures in the world can’t protect us from ourselves. We can’t afford to have our applications, our money, our lives hacked to bits because of our human nature. Chris talks with us on how we can prevent this from happening to us and our teams.

Upcoming Events with Chris Hadnagy



Direct download: episode-42_human-hacking-and-social-engineering.mp3
Category:security -- posted at: 11:56am EDT