Okay, so fair warning, this week the guys kick things off talking about a horse of a different color. This isn’t web related, but Michael insisted that we talk about it. It might be a The Ring style ploy, and if so, we apologize for your eminent death. This is all about the David Lynch series Rabbits. The internet has kept alive this bizarre “sitcom” that Lynch produced in the early-aughts, and it turns out, it has become the subject of much research, such as:

• Anxiety? Existential crisis? David Lynch film? Take a Tylenol
• David Lynch Made a Disturbing Web Sitcom Called “Rabbits”: It’s Now Used by Psychologists to Induce a Sense of Existential Crisis in Research Subjects

A video of Rabbits is embedded below, along with videos of Too Many Cooks and Rejected Cartoons to compare it to. What do you think? Confused and somewhat disoriented? Good. Information on the rest of the episode continues after the jump.

So, the meat and potatoes of this week’s episode focuses on guest Chris Wiegman, where we look into getting started in web security. We don’t try to get too prescriptive with any one tool, but instead go over the tools whose names you should know and follow up with, and resources that will help you get better. Whether you are trying to lock down a server you use for development, or just want to write better code, we have some helpful advice for you to get you thinking about how security factors into your work online.

Check out the links below for all the resources we mentioned in the episode plus a little extra, and drop into the comments and let us know what your favorite tools are, along with what you’ve found most useful to help you learn about web security.

Followup Resources

• 7 Security Measures to Protect Your Servers is a guide provided by Digital Ocean
• ANYCon 2017 keynote from Dave Kennedy via YouTube
• Application Security For WordPress Developers is a talk available via WordPress.TV from our guest, Chris Wiegman
• The Art of Deception by Kevin Mitnick
• Configuring Yubikeys, GPG, and Keybase for those interested in hardware key options for two-factor authentication
• The Digital Ocean Security Community features all 275 articles on server security that they have compiled
• Hack the Box offers a unique chance to test your skills by trying to get access to a system designed to be a challenge for security-minded developers
• Keeping Web Users Safe By Sanitizing Input Data is an older article that still has great info about how to make sure your inputs are safe
• Making it safer to break the news looks at ways to communicate securely and how it works.
• The Open Web Application Security Project is a wealth of information on all things infosec
  • The OWASP Top Ten Project offers an annual review of the top security concerns for the year
• SANS.org provide a lot of training and certification options in the infosec realm
• Tales from a base64 wordpress hack, part 1: detection reviews how you can detect that your WordPress site has been hacked
• VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
• Qualsys SSL Labs can scan your domain’s SSL support and give you a report on the security features you have and which ones have issues
• Web Security Basics presented via GitHub by vasanthk (so update and correct if you want to help out)