@carrriene Profile picture

Karina

@carrriene

appsec engineer, climber, TEDx org

Joined July 2018
Similar User
daniyar photo

@agabekovd

санитайзер твоей души photo

@anubeck

Päke Tentser 🇰🇿 photo

@paveltentser

Хорошева photo

@SabinaWay

Durian Gay photo

@magrittelovers

Saniya Serikova photo

@Serikava

St_Amina 💙💛 photo

@AminaSerzhanova

одетый землекоп photo

@balishjylqyeti

что-то пошло не так photo

@aurgelmyr

Jami photo

@hoolagoola

Мадина photo

@grisasueva

Aigerim Tastanova photo

@aige_rim

♎Georgette photo

@Libraliya

парампампам photo

@nalgozhina

Rachel Green photo

@aikosha_a

Excited to share that our TEDxAstana has been awarded @TEDx Legacy status! Out of 3,500+ TEDx events held each year, less than 20 have received this recognition in the entire history of TEDx. Proud of our team's commitment to spreading ideas that matter in our region.

Tweet Image 1

Now, when auditors ask where I get info on which vulnerabilities are currently being exploited for threat intelligence, I honestly answer: on Twitter


Had my very first talk at an IT conference. Shared some basic tech tips that can be implemented for boosting product security, even if you’re rolling without an AppSec or DevSecOps engineer on your team.

Tweet Image 1

27 апреля выступаю на Beetech conf, билеты на: beetech.kz

Tweet Image 1

love all these memes about xz


oh I hate Mondays


Good morning to everyone, except for @Microsoft, who refuses to pay for SMS and instead sends 2FA codes via WhatsApp on behalf of a certain ADA OTP. 🤯🤯🤯

Tweet Image 1

Мы будем скучать, Света.

Смотрите, что значит "сесть на голову" на самом деле

Tweet Image 1


AWS set up a data center in our country, meaning we can finally tap into the cloud without any pesky legal restrictions. Our DevOps and DEVs are already asking when I'll be leveling up my AWS skills. Being an application security engineer is always exciting!😁


Google has rolled out a new security feature, but they still haven't implemented SAML for Google Play Console, which means we're stuck with workarounds to grant access to developers and analysts. Come on, Google, get with the program!

Good news if you have a Google Workspace account: workspace.google.com/blog/product-a…



Karina Reposted

appsec is hard

A vulnerability in Azure? How about 3 of those? Uncovering 2 SSRFs + a file upload path traversal I discovered in the Azure API Management service. Attackers could send requests from the service’s proxies, access internal Azure assets, deny service and upload malicious files🧵



😎

This weekend @_beeline_kz held their annual beetech conference bringing together more than 1000 IT specialists from across the country to discuss the opportunities & challenges faced by the IT sector in Kazakhstan. Attendees took part in a series of workshops & panel discussions

Tweet Image 1
Tweet Image 2
Tweet Image 3
Tweet Image 4


Engaging with a developer who becomes an unofficial security champion, and then losing them due to employment change can be frustrating. Usually, I dislike such moments. However, on the bright side, someone else will gain a valuable developer who remembers about security.


If you want to see the Reelrock, bring the #Reelrock. And we did!

Tweet Image 1

climbing & coffee makes me alive again

Tweet Image 1
Tweet Image 2

Карта разломов Алматы от AgriTech Hub Kazakhstan: agritech.maps.arcgis.com/apps/dashboard… Там разные слои – эпицентры, разломы, зоны интенсивности. Справа тоже всё кликабельно – землетрясения по силе, пики, магнитуды.


Didn’t have time to research what open source projects could solve my problem, asked ChatGPT to make me a list and got 8 answers to my question. I am in love with AI.


writing user security stories for the dev team for the first time, so excited!!


Loading...

Something went wrong.


Something went wrong.