Protecting your app from attacks with Security Engineer, Paul Moreno
Paul Moreno is a startup veteran and security engineer who takes a data driven approach to security problems. He was previously Security Engineering Lead at Pinterest and EMEA Security Engineering Lead at Uber, and is now working on cybersecurity at Adyen.
In this semi-interactive talk, Paul will look into why certificate validation is important for mobile apps. With last year’s wireless Key Reinstallation Attack vulnerability, KRACK for short, much needed light was brought onto the neglected topic of certificate validation.
- Why validation is important
- How it works
- How it can fail (badly)
He'll also provide some guidance on open source tools you can use to test your apps. Finally, (if the luck of the demo fairy blesses him), he'll have a working demo to provide a live view into what an attacker could see with your app.
There is room for Q&A at the end!
Note: this talk is aimed at a technical audience.