Heads up, we’ve moved! If you’d like to continue keeping up with the latest technical content from Square please visit us at our new home https://developer.squareup.com/blog

Square’s Information Security team runs a quarterly security meetup, Square R00t, which features several security- and data privacy-related lightning talks.

Recently, Jason Haddix, Chris Rohlf, Jake Heath, and Michael Roberts gave infosec talks at our “Square SqR00t — Offensive Security” event in Square’s San Francisco office. (Thanks to everyone who attended!) Two of these talks were recorded and are now available on our Square Engineering YouTube channel. Enjoy!

Tracing User Input Through JS is for Tools — Jake Heath and Michael Roberts

Jake and Michael present a tool they wrote to automate the process of finding cross site scripting on a penetration test.

Emergent Recon — Jason Haddix

Jason presents his methodology for finding targets against a company that he needs to hack.

If you’re interested in seeing more talks like these (or giving a talk!), be sure to attend our next Square R00t events! We have two events planned for Q4 2018:

Our first Square R00t in NYC on November 14, 2018.

Our next San Francisco event occurs on December.

We’ll share more details on the SquareEng Twitter account once we get closer.

Don’t forget to subscribe to the YouTube channel for more great content in the future!