SlideShare una empresa de Scribd logo

StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 World

Descargar como PPT, PDF
S
Start Pad

Damon Cortesi of Alchemy Security presents the most effective ways to plug the most common holes found in web services. Learn about XSS, SQL injection, and why you should care about these things now instead of later.

Tecnología
1 de 30
Hacking and Compliance in a Web 2.0 World ,[object Object],[object Object],[object Object]
$ whoami ,[object Object],[object Object],[object Object],[object Object]
$ cat ~/.plan ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Web 2.0 Frameworks ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The “kind of” - XSS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Define Briefly ,[object Object],[object Object],[object Object],[object Object],[object Object]
XSS - The Bad, The Ugly ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],“ ><script>alert(‘dcash’)</script>
XSS Scenarios ,[object Object],[object Object],[object Object],[object Object]
Fixing XSS ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
More XSS Prevention ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Cross-Site Request Forgery ,[object Object],[object Object],[object Object]
CSRF++ ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
CSRF GET ,[object Object],[object Object],[object Object],[object Object]
CSRF POST
GMail Analysis ,[object Object],[object Object],[object Object],[object Object]
Third-Party Components ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What to Look For? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Poor Design = Poor Security ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Flash Security ,[object Object],[object Object],[object Object],[object Object]
Some Other Things... ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
And a few more... ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
One last thing ... ,[object Object],[object Object],[object Object],[object Object],[object Object]
Password Security 250 passwords later... 5 Minutes Later
Switching Gears ,[object Object]
We <3 Our Data ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Planning and Process ,[object Object],[object Object],[object Object],[object Object],[object Object]
Data Breach/Privacy Policy ,[object Object],[object Object],[object Object]
PCI ,[object Object],[object Object],[object Object],[object Object]
PCI If You Have To ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Thanks ,[object Object],http://xkcd.com/327/

Recomendados

Top Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.NetTop Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.Netalsmola
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
Phishing with Super Bait
Phishing with Super BaitPhishing with Super Bait
Phishing with Super BaitJeremiah Grossman
 
Web Application Security: The Land that Information Security Forgot
Web Application Security: The Land that Information Security ForgotWeb Application Security: The Land that Information Security Forgot
Web Application Security: The Land that Information Security ForgotJeremiah Grossman
 
Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Jeremiah Grossman
 
Web security presentation
Web security presentationWeb security presentation
Web security presentationJohn Staveley
 
Attacking Web Proxies
Attacking Web ProxiesAttacking Web Proxies
Attacking Web ProxiesInMobi Technology
 
Web browser privacy and security
Web browser privacy and security Web browser privacy and security
Web browser privacy and security amiable_indian
 

Recomendados

Top Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.NetTop Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.Netalsmola
 
Rich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeRich Web App Security - Keeping your application safe
Rich Web App Security - Keeping your application safeJeremiah Grossman
 
Phishing with Super Bait
Phishing with Super BaitPhishing with Super Bait
Phishing with Super BaitJeremiah Grossman
 
Web Application Security: The Land that Information Security Forgot
Web Application Security: The Land that Information Security ForgotWeb Application Security: The Land that Information Security Forgot
Web Application Security: The Land that Information Security ForgotJeremiah Grossman
 
Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Jeremiah Grossman
 
Web security presentation
Web security presentationWeb security presentation
Web security presentationJohn Staveley
 
Attacking Web Proxies
Attacking Web ProxiesAttacking Web Proxies
Attacking Web ProxiesInMobi Technology
 
Web browser privacy and security
Web browser privacy and security Web browser privacy and security
Web browser privacy and security amiable_indian
 
Web security leeds sharp dot netnotts
Web security leeds sharp dot netnottsWeb security leeds sharp dot netnotts
Web security leeds sharp dot netnottsJohn Staveley
 
Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.Tonya R. Taylor
 
Designing for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, AmsterdamDesigning for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, AmsterdamAmber Case
 
Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana) Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana) Pratimesh Pathak
 
Brute force
Brute forceBrute force
Brute forcePrajwal Panchmahalkar
 
Internet User Privacy
Internet User PrivacyInternet User Privacy
Internet User PrivacyNHS Student
 
Web site hacking;what does it mean
Web site hacking;what does it meanWeb site hacking;what does it mean
Web site hacking;what does it meanMetaKave
 
Web Security
Web SecurityWeb Security
Web SecurityAli Habeeb
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Jay Nagar
 
Word press security guard
Word press security guardWord press security guard
Word press security guardAdrianoViana25
 
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Jeremiah Grossman
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008Jeremiah Grossman
 
Web Server Web Site Security
Web Server Web Site SecurityWeb Server Web Site Security
Web Server Web Site SecuritySteven Cahill
 
Effects of using IT
Effects of using ITEffects of using IT
Effects of using ITMirza Ćutuk
 
Security Function
Security FunctionSecurity Function
Security FunctionSamuel Soon
 
Greater Wheeling AITP Web Security
Greater Wheeling AITP Web SecurityGreater Wheeling AITP Web Security
Greater Wheeling AITP Web SecurityJohn Parkinson
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password ProtectionNikhil D
 
The Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityThe Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityAidanChard
 
Updated Mvc Web security updated presentation
Updated Mvc Web security updated presentationUpdated Mvc Web security updated presentation
Updated Mvc Web security updated presentationJohn Staveley
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001Miguel Ibarra
 
B-sides Las Vegas - social network security
B-sides Las Vegas - social network securityB-sides Las Vegas - social network security
B-sides Las Vegas - social network securityDamon Cortesi
 

Más contenido relacionado

La actualidad más candente

Web security leeds sharp dot netnotts
Web security leeds sharp dot netnottsWeb security leeds sharp dot netnotts
Web security leeds sharp dot netnottsJohn Staveley
 
Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.Tonya R. Taylor
 
Designing for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, AmsterdamDesigning for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, AmsterdamAmber Case
 
Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana) Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana) Pratimesh Pathak
 
Internet User Privacy
Internet User PrivacyInternet User Privacy
Internet User PrivacyNHS Student
 
Web site hacking;what does it mean
Web site hacking;what does it meanWeb site hacking;what does it mean
Web site hacking;what does it meanMetaKave
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Jay Nagar
 
Word press security guard
Word press security guardWord press security guard
Word press security guardAdrianoViana25
 
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Jeremiah Grossman
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - PasswordsBarry Caplin
 
Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008Jeremiah Grossman
 
Web Server Web Site Security
Web Server Web Site SecurityWeb Server Web Site Security
Web Server Web Site SecuritySteven Cahill
 
Effects of using IT
Effects of using ITEffects of using IT
Effects of using ITMirza Ćutuk
 
Security Function
Security FunctionSecurity Function
Security FunctionSamuel Soon
 
Greater Wheeling AITP Web Security
Greater Wheeling AITP Web SecurityGreater Wheeling AITP Web Security
Greater Wheeling AITP Web SecurityJohn Parkinson
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password ProtectionNikhil D
 
The Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityThe Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityAidanChard
 
Updated Mvc Web security updated presentation
Updated Mvc Web security updated presentationUpdated Mvc Web security updated presentation
Updated Mvc Web security updated presentationJohn Staveley
 

La actualidad más candente (20)

Web security leeds sharp dot netnotts
Web security leeds sharp dot netnottsWeb security leeds sharp dot netnotts
Web security leeds sharp dot netnotts
 
Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.Small Business Owners – Don’t Get Caught With Out Data Security.
Small Business Owners – Don’t Get Caught With Out Data Security.
 
Designing for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, AmsterdamDesigning for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
Designing for Privacy in Mobile and Web Apps - Interaction '14, Amsterdam
 
Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana) Browser Security by pratimesh Pathak ( Buldhana)
Browser Security by pratimesh Pathak ( Buldhana)
 
Brute force
Brute forceBrute force
Brute force
 
Internet User Privacy
Internet User PrivacyInternet User Privacy
Internet User Privacy
 
Web site hacking;what does it mean
Web site hacking;what does it meanWeb site hacking;what does it mean
Web site hacking;what does it mean
 
Web Security
Web SecurityWeb Security
Web Security
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )
 
Word press security guard
Word press security guardWord press security guard
Word press security guard
 
Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012Top Ten Web Hacking Techniques of 2012
Top Ten Web Hacking Techniques of 2012
 
Online Self Defense - Passwords
Online Self Defense - PasswordsOnline Self Defense - Passwords
Online Self Defense - Passwords
 
Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008Top Ten Web Hacking Techniques – 2008
Top Ten Web Hacking Techniques – 2008
 
Web Server Web Site Security
Web Server Web Site SecurityWeb Server Web Site Security
Web Server Web Site Security
 
Effects of using IT
Effects of using ITEffects of using IT
Effects of using IT
 
Security Function
Security FunctionSecurity Function
Security Function
 
Greater Wheeling AITP Web Security
Greater Wheeling AITP Web SecurityGreater Wheeling AITP Web Security
Greater Wheeling AITP Web Security
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password Protection
 
The Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress SecurityThe Ultimate Guide to Wordpress Security
The Ultimate Guide to Wordpress Security
 
Updated Mvc Web security updated presentation
Updated Mvc Web security updated presentationUpdated Mvc Web security updated presentation
Updated Mvc Web security updated presentation
 

Similar a StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 World

Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001Miguel Ibarra
 
B-sides Las Vegas - social network security
B-sides Las Vegas - social network securityB-sides Las Vegas - social network security
B-sides Las Vegas - social network securityDamon Cortesi
 
You Spent All That Money And Still Got Owned
You Spent All That Money And Still Got OwnedYou Spent All That Money And Still Got Owned
You Spent All That Money And Still Got OwnedJoe McCray
 
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wnedLayer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wnedfangjiafu
 
Application Security
Application SecurityApplication Security
Application Securitynirola
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Matt Johansen
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threatAvădănei Andrei
 
Defending Against Attacks With Rails
Defending Against Attacks With RailsDefending Against Attacks With Rails
Defending Against Attacks With RailsTony Amoyal
 
Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Jeremiah Grossman
 
Avoiding Cross Site Scripting - Not as easy as you might think
Avoiding Cross Site Scripting - Not as easy as you might thinkAvoiding Cross Site Scripting - Not as easy as you might think
Avoiding Cross Site Scripting - Not as easy as you might thinkErlend Oftedal
 
Ethical_Hacking_ppt
Ethical_Hacking_pptEthical_Hacking_ppt
Ethical_Hacking_pptNarayanan
 
How not to suck at Cyber Security
How not to suck at Cyber SecurityHow not to suck at Cyber Security
How not to suck at Cyber SecurityChris Watts
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applicationsDevnology
 
Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Barry Dorrans
 

Similar a StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 World (20)

Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001
 
B-sides Las Vegas - social network security
B-sides Las Vegas - social network securityB-sides Las Vegas - social network security
B-sides Las Vegas - social network security
 
You Spent All That Money And Still Got Owned
You Spent All That Money And Still Got OwnedYou Spent All That Money And Still Got Owned
You Spent All That Money And Still Got Owned
 
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wnedLayer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
Layer one 2011-joe-mccray-you-spent-all-that-money-and-still-got-0wned
 
Unusual Web Bugs
Unusual Web BugsUnusual Web Bugs
Unusual Web Bugs
 
Web Bugs
Web BugsWeb Bugs
Web Bugs
 
Seguridad Corporativa Con Internet Explorer 8(1)
Seguridad Corporativa Con Internet Explorer 8(1)Seguridad Corporativa Con Internet Explorer 8(1)
Seguridad Corporativa Con Internet Explorer 8(1)
 
Application Security
Application SecurityApplication Security
Application Security
 
Top 10 Web Hacks 2012
Top 10 Web Hacks 2012Top 10 Web Hacks 2012
Top 10 Web Hacks 2012
 
Securing Applications
Securing ApplicationsSecuring Applications
Securing Applications
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threat
 
Xss is more than a simple threat
Xss is more than a simple threatXss is more than a simple threat
Xss is more than a simple threat
 
Defending Against Attacks With Rails
Defending Against Attacks With RailsDefending Against Attacks With Rails
Defending Against Attacks With Rails
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
 
Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"
 
Avoiding Cross Site Scripting - Not as easy as you might think
Avoiding Cross Site Scripting - Not as easy as you might thinkAvoiding Cross Site Scripting - Not as easy as you might think
Avoiding Cross Site Scripting - Not as easy as you might think
 
Ethical_Hacking_ppt
Ethical_Hacking_pptEthical_Hacking_ppt
Ethical_Hacking_ppt
 
How not to suck at Cyber Security
How not to suck at Cyber SecurityHow not to suck at Cyber Security
How not to suck at Cyber Security
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
 
Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10Don't get stung - an introduction to the OWASP Top 10
Don't get stung - an introduction to the OWASP Top 10
 

Más de Start Pad

StartPad Countdown 4 - Windows Azure
StartPad Countdown 4 - Windows AzureStartPad Countdown 4 - Windows Azure
StartPad Countdown 4 - Windows AzureStart Pad
 
StartPad Countdown 5 - Google Geo: Mobile Mapping
StartPad Countdown 5 - Google Geo: Mobile MappingStartPad Countdown 5 - Google Geo: Mobile Mapping
StartPad Countdown 5 - Google Geo: Mobile MappingStart Pad
 
Crystal Ball for your Internet Startup
Crystal Ball for your Internet StartupCrystal Ball for your Internet Startup
Crystal Ball for your Internet StartupStart Pad
 
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRights
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRightsStartPad Countdown 6 - ACLU 2.0: Demand Your dotRights
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRightsStart Pad
 
How To Wrangle A Team To Build Your Company
How To Wrangle A Team To Build Your CompanyHow To Wrangle A Team To Build Your Company
How To Wrangle A Team To Build Your CompanyStart Pad
 
StartPad Countdown 0 - Save the Programmer. Save the Planet.
StartPad Countdown 0 - Save the Programmer. Save the Planet.StartPad Countdown 0 - Save the Programmer. Save the Planet.
StartPad Countdown 0 - Save the Programmer. Save the Planet.Start Pad
 
StartPad Countdown 3 - (Patent Pending)
StartPad Countdown 3 - (Patent Pending)StartPad Countdown 3 - (Patent Pending)
StartPad Countdown 3 - (Patent Pending)Start Pad
 
StartPad Countdown 5 - The App Engine That Google Built
StartPad Countdown 5 - The App Engine That Google BuiltStartPad Countdown 5 - The App Engine That Google Built
StartPad Countdown 5 - The App Engine That Google BuiltStart Pad
 
StartPad Countdown 7 - Extreme Makeover Web Edition
StartPad Countdown 7 - Extreme Makeover Web EditionStartPad Countdown 7 - Extreme Makeover Web Edition
StartPad Countdown 7 - Extreme Makeover Web EditionStart Pad
 
StartPad Countdown 8 - Amazon Web Services and You
StartPad Countdown 8 - Amazon Web Services and YouStartPad Countdown 8 - Amazon Web Services and You
StartPad Countdown 8 - Amazon Web Services and YouStart Pad
 
StartPad Countdown 9 - Corporate Structures, Common Problems
StartPad Countdown 9 - Corporate Structures, Common ProblemsStartPad Countdown 9 - Corporate Structures, Common Problems
StartPad Countdown 9 - Corporate Structures, Common ProblemsStart Pad
 

Más de Start Pad (11)

StartPad Countdown 4 - Windows Azure
StartPad Countdown 4 - Windows AzureStartPad Countdown 4 - Windows Azure
StartPad Countdown 4 - Windows Azure
 
StartPad Countdown 5 - Google Geo: Mobile Mapping
StartPad Countdown 5 - Google Geo: Mobile MappingStartPad Countdown 5 - Google Geo: Mobile Mapping
StartPad Countdown 5 - Google Geo: Mobile Mapping
 
Crystal Ball for your Internet Startup
Crystal Ball for your Internet StartupCrystal Ball for your Internet Startup
Crystal Ball for your Internet Startup
 
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRights
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRightsStartPad Countdown 6 - ACLU 2.0: Demand Your dotRights
StartPad Countdown 6 - ACLU 2.0: Demand Your dotRights
 
How To Wrangle A Team To Build Your Company
How To Wrangle A Team To Build Your CompanyHow To Wrangle A Team To Build Your Company
How To Wrangle A Team To Build Your Company
 
StartPad Countdown 0 - Save the Programmer. Save the Planet.
StartPad Countdown 0 - Save the Programmer. Save the Planet.StartPad Countdown 0 - Save the Programmer. Save the Planet.
StartPad Countdown 0 - Save the Programmer. Save the Planet.
 
StartPad Countdown 3 - (Patent Pending)
StartPad Countdown 3 - (Patent Pending)StartPad Countdown 3 - (Patent Pending)
StartPad Countdown 3 - (Patent Pending)
 
StartPad Countdown 5 - The App Engine That Google Built
StartPad Countdown 5 - The App Engine That Google BuiltStartPad Countdown 5 - The App Engine That Google Built
StartPad Countdown 5 - The App Engine That Google Built
 
StartPad Countdown 7 - Extreme Makeover Web Edition
StartPad Countdown 7 - Extreme Makeover Web EditionStartPad Countdown 7 - Extreme Makeover Web Edition
StartPad Countdown 7 - Extreme Makeover Web Edition
 
StartPad Countdown 8 - Amazon Web Services and You
StartPad Countdown 8 - Amazon Web Services and YouStartPad Countdown 8 - Amazon Web Services and You
StartPad Countdown 8 - Amazon Web Services and You
 
StartPad Countdown 9 - Corporate Structures, Common Problems
StartPad Countdown 9 - Corporate Structures, Common ProblemsStartPad Countdown 9 - Corporate Structures, Common Problems
StartPad Countdown 9 - Corporate Structures, Common Problems
 

Último

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 

Último (20)

presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 

StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 World

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23. Password Security 250 passwords later... 5 Minutes Later
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.