<p>Bom dia champs! Chegamos a mais uma edição da nossa newsletter!</p>
<h3 id="heading-links">Links</h3>
<ul>
<li><p>[artigo] <a target="_blank" href="https://martinfowler.com/articles/agile-threat-modelling.html">A Guide to Threat Modelling for Developers</a></p>
</li>
<li><p>[artigo] <a target="_blank" href="https://portswigger.net/research/smashing-the-state-machine">Smashing the state machine: the true potential of web race conditions</a></p>
</li>
<li><p>[curso - youtube] <a target="_blank" href="https://www.youtube.com/watch?app=desktop&amp;v=YYe0FdfdgDU&amp;si=GPq5mfWtLbb6PjoQ">OWASP API Security Top 10 Course – Secure Your Web Apps (by Corey Ball)</a></p>
</li>
<li><p>[artigo] <a target="_blank" href="https://mrdevops.medium.com/infisical-open-source-secretops-apply-it-using-gitops-approach-245f57fcd67e">Infisical Open Source SecretOps: Apply it using GitOps approach</a></p>
</li>
<li><p>[artigo] <a target="_blank" href="https://busk3r.medium.com/proxying-burp-traffic-through-vps-using-socks-proxy-b9abcc671aed">Proxying Burp Traffic through VPS using SOCKS Proxy</a></p>
</li>
</ul>
<h3 id="heading-vagas">Vagas</h3>
<ul>
<li><p>[Google] <a target="_blank" href="https://www.linkedin.com/jobs/view/3707383477/?alternateChannel=search&amp;refId=kFkk%2Bn9j7uPdAtiG0rS10g%3D%3D&amp;trackingId=bOaP4JKscARqqZk1KKSe6Q%3D%3D">Senior Strategic Security Consultant, Mandiant</a></p>
</li>
<li><p>[RecargaPay] <a target="_blank" href="https://www.linkedin.com/jobs/view/3693362857/?alternateChannel=search&amp;refId=iEp7xGF8OSwbJYQlnK3Zyw%3D%3D&amp;trackingId=HQdEaHiL6m%2F4Dv6hHGaKWA%3D%3D&amp;trk=d_flagship3_search_srp_jobs">Application Security Specialist</a></p>
</li>
</ul>
<h3 id="heading-siga-o-guia-de-appsec-nas-redes"><strong>Siga o Guia de AppSec nas redes!</strong></h3>
<p>Site: <a target="_blank" href="https://www.guiadeappsec.com.br/￼Youtube"><strong><a href="https://www.guiadeappsec.com.br/" class="autolinkedURL autolinkedURL-url" target="_blank">guiadeappsec.com.br</a></strong><br />Youtube</a>: <a target="_blank" href="https://www.youtube.com/@GuiadeAppSec￼Twitter"><strong><a href="https://www.youtube.com/@GuiadeAppSec" class="autolinkedURL autolinkedURL-url" target="_blank">youtube.com/@GuiadeAppSec</a></strong><br />Twitter</a> / X: <a target="_blank" href="https://twitter.com/guiadeappsec"><strong><a href="https://twitter.com/guiadeappsec" class="autolinkedURL autolinkedURL-url" target="_blank">twitter.com/guiadeappsec</a></strong></a></p>


Bom dia champs! Chegamos a mais uma edição da nossa newsletter!

### Links

* \[artigo\] [A Guide to Threat Modelling for Developers](https://martinfowler.com/articles/agile-threat-modelling.html)
    
* \[artigo\] [Smashing the state machine: the true potential of web race conditions](https://portswigger.net/research/smashing-the-state-machine)
    
* \[curso - youtube\] [OWASP API Security Top 10 Course – Secure Your Web Apps (by Corey Ball)](https://www.youtube.com/watch?app=desktop&v=YYe0FdfdgDU&si=GPq5mfWtLbb6PjoQ)
    
* \[artigo\] [Infisical Open Source SecretOps: Apply it using GitOps approach](https://mrdevops.medium.com/infisical-open-source-secretops-apply-it-using-gitops-approach-245f57fcd67e)
    
* \[artigo\] [Proxying Burp Traffic through VPS using SOCKS Proxy](https://busk3r.medium.com/proxying-burp-traffic-through-vps-using-socks-proxy-b9abcc671aed)
    

### Vagas

* \[Google\] [Senior Strategic Security Consultant, Mandiant](https://www.linkedin.com/jobs/view/3707383477/?alternateChannel=search&refId=kFkk%2Bn9j7uPdAtiG0rS10g%3D%3D&trackingId=bOaP4JKscARqqZk1KKSe6Q%3D%3D)
    
* \[RecargaPay\] [Application Security Specialist](https://www.linkedin.com/jobs/view/3693362857/?alternateChannel=search&refId=iEp7xGF8OSwbJYQlnK3Zyw%3D%3D&trackingId=HQdEaHiL6m%2F4Dv6hHGaKWA%3D%3D&trk=d_flagship3_search_srp_jobs)
    

### **Siga o Guia de AppSec nas redes!**

Site: [**https://www.guiadeappsec.com.br/**  
Youtube](https://www.guiadeappsec.com.br/￼Youtube): [**https://www.youtube.com/@GuiadeAppSec**  
Twitter](https://www.youtube.com/@GuiadeAppSec￼Twitter) / X: [**https://twitter.com/guiadeappsec**](https://twitter.com/guiadeappsec)

AppSec Newsletter 0006

Tornando a vida do security champion um pouco mais fácil a cada dia =)
