ONLINE: Causal inference and permission management

Dear PyLadies 💚🐍
Our next online event is coming on 27th September featuring two excellent speakers:
🌟 Bénédicte Colnet (French Ministry of Health - Previously INRIA)
talk title: Machine learning and causal inference: Toward new clinical evidence?
🌟 Marine du Mesnil (Theodo)
Talk title: Project Feedback: Reduce your permissions management time while protecting your users!

The meetup will be broadcasted via zoom and we will share the link with you shortly before the meetup.

🌟Agenda (preliminary)
18h45 - 19h00 Come and take your seat
19h00 - 19h30 Welcome by PyLadies Paris and Botify
19h30 - 20h15 Talk by Bénédicte Colnet
20h15 - 21h00 Talk by Marine du Mesnil
21h00 - 22h00 Cocktail, networking
🌟 Bénédicte Colnet (French Ministry of Health -Previously INRIA)
talk title: Machine-learning and causal inference: Toward new clinical evidence?
Abstract: “Modern evidence-based medicine places Randomized Controlled Trials (RCTs) at the forefront of clinical evidence. Randomization enables the estimation of the average treatment effect (ATE) by eliminating the confounding effects of spurious or unwanted associated factors. More recently, concerns have been raised on the limited scope of RCTs: stringent eligibility criteria, unrealistic real-world compliance, short timeframe, limited sample size, etc. All these possible limitations threaten the external validity of RCT studies to other situations or populations. The usage of complementary non-randomized data, referred to as observational or from the real world, brings promises as additional sources of evidence. Today, there is a growing incentive to rely on this new data. Combining both data types -- randomized and observational -- is a new venue that could make the most of both worlds. This presentation aims to introduce the data and problem at stake, along with current research questions about how machine-learning can help to build a new kind of clinical evidence."
About Bénédicte: She is an engineer by training, holding a degree from Ecole polytechnique. She then pursued her studies in bioinformatics, earning an M.Sc. degree from Sorbonne University. After working for a total of three years in various companies and government roles, she embarked on a doctoral program at Inria under the supervision of Julie Josse, Erwan Scornet, and Gaël Varoquaux. Her research interests center around applied mathematics and machine learning for health-related topics. For example, she has collaborated with the Traumabase, a French medical registry focused on patients with traumatic injuries. She graduated in June 2023. In June, she began a new position at the French Ministry of Health, specifically within the social security department, where she leads the team dedicated to drug and medical device pricing.
🌟 Marine du Mesnil (Theodo)
Talk title: Project Feedback: Reduce your permissions management time while protecting your users!
Abstract: In 2019, users of the Ameli, the French welfare website, could read other users' messages and attachments containing confidential information by trivially changing a parameter in the URL. Unfortunately, this flaw is much more common than we think and access control has been listed as the Top 1 flaw by OWASP.
Historically, developers manage permissions directly in code and the product team is not always well aware of the conditions leading to access control flaws. It is also one of the most complex vulnerabilities to manage as it is easy for a developer to forget a condition in their API and open up access to sensitive data to anyone.
At Theodo, we implemented an easy-to-use and manageable system using Django's internal permissions management and a SaaS: Okta which I will present in this talk
About Marine: Tech Lead and Head of Security Tribe @ Theodo, Marine du Mesnil is particularly interested in web security and is involved in the Theodo Security Guild to help developers create compliant products by training them and helping them fix flaws in their projects.
She follows the OWASP publications and is interested in access control, which has become the leading cause of website vulnerabilities and is ranked in the Top 1 of the new OWASP Top 10.

Important info
#1:❗For safety reasons, the venue's staff will check everyone's identity on site. 📝Please remember to bring an ID with you so they can let you in. They will check that your first name and last name match with your name, please write your real name when signing up to this even. Thank you!
#2: Please be on time. We can’t guarantee a seat once the meetup has started
# 🔍 FAQ
Q. I'm not female, is it ok for me to attend?
A. Yes, PyLadies Paris events are open to everyone at all levels.