Back To Schedule
Wednesday, October 18 • 11:05 - 11:50
Bleeding Secrets!

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
We do our best to protect the servers' information using security controls like TLS communication, Firewall and advanced security cloud services, but then they bleed secrets (arbitrary pieces of memory are leaked to a potential attacker).

This talk observes three zero days found within security solutions (two from this year) that can be the cause for data breaches like the one from May 31 where OneLogin was breached and encrypted secrets were stolen in clear text.
We will review code, understand the vulnerabilities, assess the root cause, challenge a few assumptions (on open-source, security solutions and others) and review some best practices that can help prevent such vulnerabilities.

Wednesday October 18, 2017 11:05 - 11:50 IDT
Main Auditorium
  • Technical Level All