Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
The security issue that killed a financial prod...
Search
Cucumber
April 04, 2019
Technology
0
36
The security issue that killed a financial product launch - Nicola Sedgwick
Cucumber
April 04, 2019
Tweet
Share
More Decks by Cucumber
See All by Cucumber
Don't restrict your living documentation to a living documentation - Laurent Py and Vincent Pretre
cucumberbdd
0
58
Examples, Emotion, Entropy - An experience report of working with Cucumber people and methods to make better things and things better - Chris Young
cucumberbdd
0
38
Why silos are corporate chocolate cake - Katherine Kirk
cucumberbdd
0
47
Fighting crime and protecting vulnerable people using Gherkin, autism and a half-built kit car. Jamie Knight and Mike Southgate
cucumberbdd
0
99
Whole team quality: In the same boat or up the creek? - Alex Schladebeck
cucumberbdd
1
120
Between quality and time to market. How to specify and test an application in an agile context with a BDD approach - Christine Groebel
cucumberbdd
0
42
Doodle-Driven Development - Ciaran McNulty
cucumberbdd
0
87
Antifragility or taming the hydra - Katja Obring
cucumberbdd
0
42
Domain Storytelling - How to learn a domain language with examples from healthcare
cucumberbdd
0
37
Other Decks in Technology
See All in Technology
250627 関西Ruby会議08 前夜祭 RejectKaigi「DJ on Ruby Ver.0.1」
msykd
PRO
2
270
生成AIで小説を書くためにプロンプトの制約や原則について学ぶ / prompt-engineering-for-ai-fiction
nwiizo
4
1.6k
Snowflake Summit 2025 データエンジニアリング関連新機能紹介 / Snowflake Summit 2025 What's New about Data Engineering
tiltmax3
0
310
PHP開発者のためのSOLID原則再入門 #phpcon / PHP Conference Japan 2025
shogogg
4
730
CI/CD/IaC 久々に0から環境を作ったらこうなりました
kaz29
1
170
【TiDB GAME DAY 2025】Shadowverse: Worlds Beyond にみる TiDB 活用術
cygames
0
1.1k
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
shigeruoda
4
480
Understanding_Thread_Tuning_for_Inference_Servers_of_Deep_Models.pdf
lycorptech_jp
PRO
0
120
第9回情シス転職ミートアップ_テックタッチ株式会社
forester3003
0
230
Observability в PHP без боли. Олег Мифле, тимлид Altenar
lamodatech
0
350
Model Mondays S2E02: Model Context Protocol
nitya
0
220
なぜ私はいま、ここにいるのか? #もがく中堅デザイナー #プロダクトデザイナー
bengo4com
0
410
Featured
See All Featured
The Art of Programming - Codeland 2020
erikaheidi
54
13k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
15
1.5k
Building Applications with DynamoDB
mza
95
6.5k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
161
15k
Music & Morning Musume
bryan
46
6.6k
Stop Working from a Prison Cell
hatefulcrawdad
270
20k
A Modern Web Designer's Workflow
chriscoyier
694
190k
KATA
mclloyd
29
14k
How to Think Like a Performance Engineer
csswizardry
24
1.7k
The Pragmatic Product Professional
lauravandoore
35
6.7k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Mobile First: as difficult as doing things right
swwweet
223
9.7k
Transcript
None
the security issue that killed a financial product launch (that
was missed by the professional penetration testers and security ‘experts’)
#Cukenfest | nicolasedgwick me. (ex)Tester Agile Coach Rocket Scientist Mead
Maker CultureCon Co-Creator
bounty. Image credit https://internetbugbounty.org/ crowd. #Cukenfest | nicolasedgwick
crowd. Photo credit Rob Curran on Unsplash #Cukenfest | nicolasedgwick
reputation. crowd. #Cukenfest | nicolasedgwick
competition. Photo credit Patryk Sobczak on Unsplash crowd. #Cukenfest |
nicolasedgwick
reward. Photo credit Christian Dubovan on Unsplash crowd. #Cukenfest |
nicolasedgwick
story. Photo credit Sharon McCutcheon on Unsplash #Cukenfest | nicolasedgwick
vulnerable. Photo credit Mihály Köles on Unsplash story. #Cukenfest |
nicolasedgwick
ethics. story. Photo credit Cristian Newman on Unsplash #Cukenfest |
nicolasedgwick
challenge. Photo credit Luke van Zyl on Unsplash #Cukenfest |
nicolasedgwick
shopping. challenge. Photo credit rawpixel on Unsplash #Cukenfest | nicolasedgwick
practicalities. Photo credit Fancycrave on Unsplash challenge. #Cukenfest | nicolasedgwick
situation. Photo credit Matt Botsford on Unsplash #Cukenfest | nicolasedgwick
owasp. https://www.owasp.org situation. #Cukenfest | nicolasedgwick
professionals. Photo credit Hello I'm Nik on Unsplash crowd. #Cukenfest
| nicolasedgwick
tools. situation. #Cukenfest | nicolasedgwick
understanding. Photo credit John Carlisle on Unsplash situation. #Cukenfest |
nicolasedgwick
photo. #Cukenfest | nicolasedgwick analysis. Photo credit Luke van Zyl
on Unsplash #Cukenfest | nicolasedgwick
protected. Photo credit Robert Hickerson on Unsp analysis. #Cukenfest |
nicolasedgwick
impenetrable. Photo credit Ben Hershey on Unsplash analysis. #Cukenfest |
nicolasedgwick
landscape. Photo credit Luo Lei on Unsplash analysis. #Cukenfest |
nicolasedgwick
sense. Photo credit Vladislav Klapin on Unspla analysis. #Cukenfest |
nicolasedgwick
hacking. Photo credit Markus Spiske on Unsplash #Cukenfest | nicolasedgwick
vulnerability. Photo credit Hans-Peter Gauster on Unsplash hacking. #Cukenfest |
nicolasedgwick
system. Photo credit rawpixel on Unsplash hacking. #Cukenfest | nicolasedgwick
transmission. Photo credit Jack Price-Burns on Unsplash hacking. #Cukenfest |
nicolasedgwick
breach. Photo credit Ben Hershey on Unsplash hacking. #Cukenfest |
nicolasedgwick
disbelief. Photo credit Jonathan Hoxmark on Unsplash #Cukenfest | nicolasedgwick
denied. Photo credit B J on Unsplash disbelief. #Cukenfest |
nicolasedgwick
perhaps. Photo credit Mike Wilson on Unsplash disbelief. #Cukenfest |
nicolasedgwick
repetition. Photo credit Tine Ivanič on Unsplash #Cukenfest | nicolasedgwick
footsteps. Photo credit eberhard grossgasteiger o repetition. #Cukenfest | nicolasedgwick
advice. Photo credit Melinda Gimpel on Unsplash repetition. #Cukenfest |
nicolasedgwick
realisation. Photo credit Jez Timms on Unsplash repetition. #Cukenfest |
nicolasedgwick
Photo credit Stephanie Watters Flores on Unsplash outcome. #Cukenfest |
nicolasedgwick
bounty. Photo credit Brian Mann on Unsplash outcome. #Cukenfest |
nicolasedgwick
#Cukenfest | nicolasedgwick takeaways. • You already have the skill
you need to find security issues … your brain! • Critical thinking skills are perfect for locating security problems. • Engage security assessment as part of architecture planning and throughout development.
#Cukenfest | nicolasedgwick summary. experts CAN be wrong penetration tests
are NOT security think security at ALL points this is NOT an isolated situation
None