Slide 1

Slide 1 text

Security: I Have 5 Minutes, You Have a Lifetime

Ben Hughes, Etsy, obviously, just look at this slide.

Slide 2

Slide 2 text

These are real graphs of *something*

Slide 3

Slide 3 text

Mean Time to PasteBin™

Slide 4

Slide 4 text

Photo by https://secure.flickr.com/photos/asjaboros/

Slide 5

Slide 5 text

https://secure.flickr.com/photos/izik/ SSL* *(TLS really)

Slide 6

Slide 6 text

https://secure.flickr.com/photos/refractedmoments/

Slide 7

Slide 7 text

https://secure.flickr.com/photos/gaby1

Slide 8

Slide 8 text

https://isTLSfastyet.com/

Ummm, yeah, fast enough. Big shout out to the design of this slide.

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

Password hashing: Just use bcrypt.

Slide 11

Slide 11 text

BUT WHAT ABOUT scrypt/PBKDF2/SpecialThing?

Slide 12

Slide 12 text

Cross Site Request Forgery

Slide 13

Slide 13 text

And you were worried HTTPS would slow things down…

Slide 14

Slide 14 text

Multi factor authentication

Awesome taken-apart SecurID token by https://www.flickr.com/photos/travisgoodspeed

Slide 15

Slide 15 text

No content

Slide 16

Slide 16 text

Responsible disclosure is pretty cool!

Slide 17

Slide 17 text

The winner takes it all!

Slide 18

Slide 18 text

Bounty Hunters

You may want to consider their kind of scum.

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

https://github.com/etsy http://codeascraft.com/ @benjammingh [email protected]