Cucumber
April 04, 2019
The security issue that killed a financial product launch - Nicola Sedgwick
Transcript
the security issue that killed a financial product launch (that was missed by the professional penetration testers and security ‘experts’)
#Cukenfest | nicolasedgwick
me. (ex)Tester, Agile Coach, Rocket Scientist, Mead Maker, CultureCon Co-Creator
bounty. (Image credit https://internetbugbounty.org/) crowd.
crowd. (Photo credit Rob Curran on Unsplash)
reputation. crowd.
competition. (Photo credit Patryk Sobczak on Unsplash) crowd.
reward. (Photo credit Christian Dubovan on Unsplash) crowd.
story. (Photo credit Sharon McCutcheon on Unsplash)
vulnerable. (Photo credit Mihály Köles on Unsplash) story.
ethics. story. (Photo credit Cristian Newman on Unsplash)
challenge. (Photo credit Luke van Zyl on Unsplash)
shopping. challenge. (Photo credit rawpixel on Unsplash)
practicalities. (Photo credit Fancycrave on Unsplash) challenge.
situation. (Photo credit Matt Botsford on Unsplash)
owasp. https://www.owasp.org situation.
professionals. (Photo credit Hello I'm Nik on Unsplash) crowd.
tools. situation.
understanding. (Photo credit John Carlisle on Unsplash) situation.
photo.
analysis. (Photo credit Luke van Zyl on Unsplash)
protected. (Photo credit Robert Hickerson on Unsp) analysis.
impenetrable. (Photo credit Ben Hershey on Unsplash) analysis.
landscape. (Photo credit Luo Lei on Unsplash) analysis.
sense. (Photo credit Vladislav Klapin on Unspla) analysis.
hacking. (Photo credit Markus Spiske on Unsplash)
vulnerability. (Photo credit Hans-Peter Gauster on Unsplash) hacking.
system. (Photo credit rawpixel on Unsplash) hacking.
transmission. (Photo credit Jack Price-Burns on Unsplash) hacking.
breach. (Photo credit Ben Hershey on Unsplash) hacking.
disbelief. (Photo credit Jonathan Hoxmark on Unsplash)
denied. (Photo credit B J on Unsplash) disbelief.
perhaps. (Photo credit Mike Wilson on Unsplash) disbelief.
repetition. (Photo credit Tine Ivanič on Unsplash)
footsteps. (Photo credit eberhard grossgasteiger o) repetition.
advice. (Photo credit Melinda Gimpel on Unsplash) repetition.
realisation. (Photo credit Jez Timms on Unsplash) repetition.
(Photo credit Stephanie Watters Flores on Unsplash) outcome.
bounty. (Photo credit Brian Mann on Unsplash) outcome.
takeaways.
• You already have the skill you need to find security issues … your brain!
• Critical thinking skills are perfect for locating security problems.
• Engage security assessment as part of architecture planning and throughout development.
summary.
experts CAN be wrong
penetration tests are NOT security
think security at ALL points
this is NOT an isolated situation