Hoe veilig is je webwinkel nu echt - WWV Summer Edition 2021

Transcript

1. Hoe veilig is je webwinkel écht? Inti De Ceukelaire, Head

   of Hackers Webwinkel Vakdagen – Summer Edition

2. 2 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/

3. 3 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/

4. 4 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

5. 5 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

6. 6 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

7. 7 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

8. 8 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

9. 9 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

   https://challenge-0621.intigriti.io/ Supermarkt Online

10. 10 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

11. 11 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Voorbeeld website: BestBugs.com!

12. 12 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Goedkoper, Graag!

13. 13 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Kies een aantal

14. 14 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Min één boekje, graag!

15. 15 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Goedkoper, Graag!

16. 16 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Werkt óók met e-tickets!

17. 17 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Is dit diefstal ? fraude ? een misdrijf ? hacking ?

18. 18 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Andere techniek?

19. 19 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Elke dag jouw verjaardag!

20. 20 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Populaire kortingscodes TWITTER BLACK MEMORIAL TWEET20 FREESHIP EARLYBIRD MONDAY HOLIDAYS BLACKFRIDAY 15OFF EASTER GREEN TWEET TWEET10 NEWYEAR XMAS TWIT20 BIRTHDAY SUMMER10 TRAT HOLIDAY SAVES SANTA FALL20 FACEBOOK SOLDEN FRIDAY SPRING10 CYBER MONDAY 10OFF SALE GIMME10 LAUNCH DEALS GIFT

21. 21 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ SUMMER10 werkt! Wat nu?

22. 22 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ SUMMER10 SUMMER20

23. 23 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

24. 24 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

25. 25 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Kortingscodes optellen? Gaat niet. Toch?

26. 26 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Kortingscodes optellen? Gaat vaker dan je denkt! - Speciale tekens - Uppercase / lowercase

27. 27 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

28. 28 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ We hebben 20% korting… Maar willen meer!

29. 29 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ We hebben 20% korting… Maar willen meer!

30. 30 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ $100

31. 31 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ We hebben 20% korting… ook op gift cards!

32. 32 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Waarde: $100 Betaald: $80 $100

33. 33 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ $100 + SUMMER20 = ?

34. 34 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ $100 + SUMMER20 = $20 $100 OUDE GIFT CARD NIEUWE GIFT CARD

35. 35 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Waarde: $120 Betaald: $80 $20 $100

36. 36 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Waarde: $140 Betaald: $80 $20 $20 $100

37. 37 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Waarde: $160 Betaald: $80 $20 $20 $100 $20

38. 38 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Waarde: $200 Betaald: $80 $20 $20 $100 $20 $20 $20

39. 39 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Kadobon miljonair in minuten!

40. 40 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Is dit diefstal ? fraude ? een misdrijf ? hacking ?

41. 41 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

42. 42 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ +

43. 43 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

44. 44 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

45. 45 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Mens & Machine

46. 46 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Een gratis burger

47. 47 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Bron: @LiveOverflow - https://www.youtube.com/watch?v=WWJTsKaJT_g

48. 48 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Bron: @LiveOverflow - https://www.youtube.com/watch?v=WWJTsKaJT_g

49. 49 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Bron: @LiveOverflow - https://www.youtube.com/watch?v=WWJTsKaJT_g

50. 50 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Bron: @LiveOverflow - https://www.youtube.com/watch?v=WWJTsKaJT_g

51. 51 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

52. 52 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Opmerking:

53. 53 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Opmerking: CSS

54. 54 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

55. 55 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

56. 56 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Is dit diefstal ? fraude ? een misdrijf ? hacking ?

57. 57 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Wat is ethisch? Laat anderen het niet voor jou definiëren. Doe het zélf d.m.v. een hacker policy!

58. 58 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Een goede hacker policy bevat… Definiëer welke assets aan jou toebehoren. Duidelijke scope 01 Geef aan wat je zeker als onethisch beschouwd. Bvb: DDoS aanvallen. Strikte limieten 02 Je kan aan de vinder vragen om hun IP adres mee te sturen. Rapport instructies 03 Wees duidelijk over welke informatie je als vertrouwelijk beschouwd. Geheimhouding? 04 Geef een algehele indicatie wanneer de vinder antwoord kan verwachten. Timeframe 05 Niet onbelangrijk: geef een vlotte manier om te communiceren. Blijf weg van formulieren. Contact adres 06

59. 59 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/

60. 60 INTIGRITI - Continuous Security Testing through the Crowd https://challenge-0621.intigriti.io/

    https://challenge-0621.intigriti.io/ Bekende bedrijven mét hacker policy Zet ik jou straks mee in dit lijstje?

61. Gratis policy advies Kom ons bezoeken aan onze stand 215!

    [email protected] | +32 476 77 24 39