Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The security issue that killed a financial prod...
Search
Cucumber
April 04, 2019
Technology
0
36
The security issue that killed a financial product launch - Nicola Sedgwick
Cucumber
April 04, 2019
Tweet
Share
More Decks by Cucumber
See All by Cucumber
Don't restrict your living documentation to a living documentation - Laurent Py and Vincent Pretre
cucumberbdd
0
60
Examples, Emotion, Entropy - An experience report of working with Cucumber people and methods to make better things and things better - Chris Young
cucumberbdd
0
38
Why silos are corporate chocolate cake - Katherine Kirk
cucumberbdd
0
47
Fighting crime and protecting vulnerable people using Gherkin, autism and a half-built kit car. Jamie Knight and Mike Southgate
cucumberbdd
0
99
Whole team quality: In the same boat or up the creek? - Alex Schladebeck
cucumberbdd
1
120
Between quality and time to market. How to specify and test an application in an agile context with a BDD approach - Christine Groebel
cucumberbdd
0
42
Doodle-Driven Development - Ciaran McNulty
cucumberbdd
0
90
Antifragility or taming the hydra - Katja Obring
cucumberbdd
0
43
Domain Storytelling - How to learn a domain language with examples from healthcare
cucumberbdd
0
37
Other Decks in Technology
See All in Technology
250905 大吉祥寺.pm 2025 前夜祭 「プログラミングに出会って20年、『今』が1番楽しい」
msykd
PRO
1
640
S3アクセス制御の設計ポイント
tommy0124
2
190
Django's GeneratedField by example - DjangoCon US 2025
pauloxnet
0
110
【実演版】カンファレンス登壇者・スタッフにこそ知ってほしいマイクの使い方 / 大吉祥寺.pm 2025
arthur1
1
640
データアナリストからアナリティクスエンジニアになった話
hiyokko_data
2
440
DDD集約とサービスコンテキスト境界との関係性
pandayumi
2
280
下手な強制、ダメ!絶対! 「ガードレール」を「檻」にさせない"ガバナンス"の取り方とは?
tsukaman
2
420
クラウドセキュリティを支える技術と運用の最前線 / Cutting-edge Technologies and Operations Supporting Cloud Security
yuj1osm
2
310
自作JSエンジンに推しプロポーザルを実装したい!
sajikix
1
170
「どこから読む?」コードとカルチャーに最速で馴染むための実践ガイド
zozotech
PRO
0
260
Rustから学ぶ 非同期処理の仕組み
skanehira
1
130
Webブラウザ向け動画配信プレイヤーの 大規模リプレイスから得た知見と学び
yud0uhu
0
230
Featured
See All Featured
Building Adaptive Systems
keathley
43
2.7k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Become a Pro
speakerdeck
PRO
29
5.5k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
229
22k
GitHub's CSS Performance
jonrohan
1032
460k
Making the Leap to Tech Lead
cromwellryan
135
9.5k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
8
910
A Tale of Four Properties
chriscoyier
160
23k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
667
120k
The Pragmatic Product Professional
lauravandoore
36
6.9k
Typedesign – Prime Four
hannesfritz
42
2.8k
Transcript
None
the security issue that killed a financial product launch (that
was missed by the professional penetration testers and security ‘experts’)
#Cukenfest | nicolasedgwick me. (ex)Tester Agile Coach Rocket Scientist Mead
Maker CultureCon Co-Creator
bounty. Image credit https://internetbugbounty.org/ crowd. #Cukenfest | nicolasedgwick
crowd. Photo credit Rob Curran on Unsplash #Cukenfest | nicolasedgwick
reputation. crowd. #Cukenfest | nicolasedgwick
competition. Photo credit Patryk Sobczak on Unsplash crowd. #Cukenfest |
nicolasedgwick
reward. Photo credit Christian Dubovan on Unsplash crowd. #Cukenfest |
nicolasedgwick
story. Photo credit Sharon McCutcheon on Unsplash #Cukenfest | nicolasedgwick
vulnerable. Photo credit Mihály Köles on Unsplash story. #Cukenfest |
nicolasedgwick
ethics. story. Photo credit Cristian Newman on Unsplash #Cukenfest |
nicolasedgwick
challenge. Photo credit Luke van Zyl on Unsplash #Cukenfest |
nicolasedgwick
shopping. challenge. Photo credit rawpixel on Unsplash #Cukenfest | nicolasedgwick
practicalities. Photo credit Fancycrave on Unsplash challenge. #Cukenfest | nicolasedgwick
situation. Photo credit Matt Botsford on Unsplash #Cukenfest | nicolasedgwick
owasp. https://www.owasp.org situation. #Cukenfest | nicolasedgwick
professionals. Photo credit Hello I'm Nik on Unsplash crowd. #Cukenfest
| nicolasedgwick
tools. situation. #Cukenfest | nicolasedgwick
understanding. Photo credit John Carlisle on Unsplash situation. #Cukenfest |
nicolasedgwick
photo. #Cukenfest | nicolasedgwick analysis. Photo credit Luke van Zyl
on Unsplash #Cukenfest | nicolasedgwick
protected. Photo credit Robert Hickerson on Unsp analysis. #Cukenfest |
nicolasedgwick
impenetrable. Photo credit Ben Hershey on Unsplash analysis. #Cukenfest |
nicolasedgwick
landscape. Photo credit Luo Lei on Unsplash analysis. #Cukenfest |
nicolasedgwick
sense. Photo credit Vladislav Klapin on Unspla analysis. #Cukenfest |
nicolasedgwick
hacking. Photo credit Markus Spiske on Unsplash #Cukenfest | nicolasedgwick
vulnerability. Photo credit Hans-Peter Gauster on Unsplash hacking. #Cukenfest |
nicolasedgwick
system. Photo credit rawpixel on Unsplash hacking. #Cukenfest | nicolasedgwick
transmission. Photo credit Jack Price-Burns on Unsplash hacking. #Cukenfest |
nicolasedgwick
breach. Photo credit Ben Hershey on Unsplash hacking. #Cukenfest |
nicolasedgwick
disbelief. Photo credit Jonathan Hoxmark on Unsplash #Cukenfest | nicolasedgwick
denied. Photo credit B J on Unsplash disbelief. #Cukenfest |
nicolasedgwick
perhaps. Photo credit Mike Wilson on Unsplash disbelief. #Cukenfest |
nicolasedgwick
repetition. Photo credit Tine Ivanič on Unsplash #Cukenfest | nicolasedgwick
footsteps. Photo credit eberhard grossgasteiger o repetition. #Cukenfest | nicolasedgwick
advice. Photo credit Melinda Gimpel on Unsplash repetition. #Cukenfest |
nicolasedgwick
realisation. Photo credit Jez Timms on Unsplash repetition. #Cukenfest |
nicolasedgwick
Photo credit Stephanie Watters Flores on Unsplash outcome. #Cukenfest |
nicolasedgwick
bounty. Photo credit Brian Mann on Unsplash outcome. #Cukenfest |
nicolasedgwick
#Cukenfest | nicolasedgwick takeaways. • You already have the skill
you need to find security issues … your brain! • Critical thinking skills are perfect for locating security problems. • Engage security assessment as part of architecture planning and throughout development.
#Cukenfest | nicolasedgwick summary. experts CAN be wrong penetration tests
are NOT security think security at ALL points this is NOT an isolated situation
None