QCon San Francisco - Securing Code Through Social Engineering

Date & Time: Month DD, YYYY at H:MM - H:MM
Location: Venue - Street Name and Number, City, State, Postal Code
Speaker: Bishop Fox

The weakest link in a security chain is often between keyboard and chair. We have a natural instinct as humans to trust someone’s word and although various technical means have been developed to cope with security threats, human factors have been comparatively neglected. As the infosec industry matures, security attacks are relying more on targeting people personally, often through social engineering. People can’t be fixed the same way a bug in your software can -- they can’t be maintained and they can't always be trusted. As software developers, we are spending a lot of time designing, perfecting and testing code. We’re taught to anticipate the behavior of a user and interact with it accordingly – a sort of trust between the end user and our creation. However, security vulnerabilities often stem from attackers finding the unexpressed possibilities in code and challenging the edge cases; constantly asking ‘what if I do this?’. In this talk I will explore what software developers are overlooking and explore the processes and technical controls that can be used to achieve a strong social engineering defense. Let me turn the tables and show you how social engineering should change the way we weave security into our testing, operations, and development workflows and be used to better secure code against human threats.

Security Analyst Christina Camilleri will elaborate more at QCon San Francisco - Securing Code Through Social Engineering

Topics:QCon London

Comments

Need a Cybersecurity Expert to Speak at Your Event?

Please get in touch with our Speaker Bureau program manager, Virginie Jenck. Please email her at contact@bishopfox.com

More...

Subscribe to Updates