Ubuntu TechHive

Event Proposals

Review member-submitted ideas and support the topics you would attend.

Propose Event
proposals.index
#security

10 proposals

  1. Proposed

    Dependency Upgrade Gauntlet: Patch a Critical Library Without Breaking Users

    Practice upgrading under risk using changelogs, tests, canaries, and rollback plans.

    Difficulty: Mixed Duration: 2 hours Target date: December 30, 2026 #dependencies#security#testing
  2. Proposed

    File Upload Gauntlet: Images, PDFs, Malware, and Storage Rules

    Build a safer upload path that handles size limits, type checks, scans, and user recovery.

    Difficulty: Mixed Duration: 2 hours Target date: August 2, 2026 #security#storage#uploads
  3. Proposed

    Password Reset Security: Abuse Controls, Recovery Tokens, and User Trust

    A practical two-hour session on Password Reset Security, focused on Abuse Controls, Recovery Tokens, and User Trust. Attendees work through concrete engineering tradeoffs, review examples, and leave with a checklist they can apply in real team projects.

    Difficulty: Intermediate Duration: 2 hours Target date: January 15, 2027 #authentication#password-reset#security
  4. Proposed

    Permission Boundary Testing: Roles, Scopes, and Admin UI Access

    A practical two-hour session on Permission Boundary Testing, focused on Roles, Scopes, and Admin UI Access. Attendees work through concrete engineering tradeoffs, review examples, and leave with a checklist they can apply in real team projects.

    Difficulty: Intermediate Duration: 2 hours Target date: September 5, 2026 #authorization#security#testing
  5. Proposed

    Secrets Leak Drill: Find, Rotate, and Prevent Exposed Tokens

    A security fundamentals drill where attendees handle a leaked token from detection to prevention.

    Difficulty: Intro Duration: 2 hours Target date: October 21, 2026 #devops#git#secrets#security
  6. Proposed

    Secrets Rotation Drill: Replace Credentials Without Taking the Service Down

    Practice rotating keys, tokens, passwords, and certificates with overlap and verification.

    Difficulty: Mixed Duration: 2 hours Target date: October 4, 2026 #credentials#secrets#security
  7. Proposed

    Session Security Fundamentals: Cookies, Tokens, Logout, and Account Recovery

    A practical two-hour session on Session Security Fundamentals, focused on Cookies, Tokens, Logout, and Account Recovery. Attendees work through concrete engineering tradeoffs, review examples, and leave with a checklist they can apply in real team projects.

    Difficulty: Intro Duration: 2 hours Target date: December 3, 2026 #authentication#security#sessions
  8. Proposed

    Stale Access Cleanup: Remove Permissions When Roles Change

    Find forgotten admin rights, old project access, shared accounts, and weak offboarding paths.

    Difficulty: Mixed Duration: 2 hours Target date: January 9, 2027 #access-control#offboarding#security
  9. Proposed

    Telemetry Redaction Lab: Keep Secrets Out of Logs Forever

    Design log, trace, and error-reporting rules that preserve debugging value without leaking data.

    Difficulty: Mixed Duration: 2 hours Target date: September 22, 2026 #logging#privacy#security
  10. Proposed

    Webhook Security Fundamentals: Signatures, Replay Protection, and Audit Logs

    A practical two-hour session on Webhook Security Fundamentals, focused on Signatures, Replay Protection, and Audit Logs. Attendees work through concrete engineering tradeoffs, review examples, and leave with a checklist they can apply in real team projects.

    Difficulty: Intro Duration: 2 hours Target date: December 8, 2026 #security#signatures#webhooks