NOV. 3 – 8, 2019
POTSDAM, GERMANY

EUROPE'S GREATEST AGILE SOFTWARE TESTING FESTIVAL!

The security issue that killed a financial product launch

That was missed by the professional penetration testers and security 'experts'.

Security issues can be identified using the stock-and-trade critical thinking skills of a tester.

Some time ago I had the pleasure of taking part in a security bug hunt for a new financial product. This was a product ready to go to market, a product that had passed all penetration tests and was now being handed to a crowd of external testers for a final attempt to 'hack' the product.

Against all their confidence I was able to 'hack' that product and use funds to which I should not have had access. However, once I reported the vulnerability, I wasn't believed and I was asked to repeat the 'hack' multiple times until the 'experts' believed I was achieving what I was reporting - they simply couldn't believe that their penetration test result was wrong.

Like many security talks I will tell you all about the tool I used to perform this 'hack'; Unlike many security talks this is not a tool you can install, rent or puchase - because it's my brain, but your brain is capable of doing the same.

 


More Related Sessions


6-hours Full-Day Tutorial

Web Application Security

9:00-17:00
Equipment required

30-minutes New Voice Talk

Security Awareness "The Hackers Eyes"

10:25-10:55
Room F1
Equipment required

6-hours Full-Day Tutorial

When Data Becomes Code

9:00-17:00
Equipment required

30-minutes New Voice Talk

Security in Security

11:10-11:40
Room F1

Other trendig Events:

Your privacy matters

We use cookies to understand how you use our site and to give you the best experience on our website. If you continue to use this site we will assume that you are happy with it and accept our use of cookies, Privacy Policy and Terms of Use.