Pipedrive Talks: Security by design

Software development is more demanding than ever. One big reason is an increasing demand for security. There are so many angles attackers can use that's it's essential for all software engineers to constantly educate themselves, keeping up to date with current trends and threats.

Michal Špaček, Daniele Timo Secondi and Stephane Moser will talk about 3 different angles on security:

Agenda:
18:00 - Doors Open, snacks and drinks

18:30 - When the enemy is behind the walls: how to keep your dependencies secure - Stephane Moser, Pipedrive

Whenever we develop, we start looking for existing solutions as we don't want to reinvent the wheel. The only problem is that we can't be sure that we are on a safe side because we can't control the code of the third-party dependencies we use in our projects. In 30 minutes I will explain why and how to check external dependencies for vulnerabilities, and tell you a real story of a security breach which might have caused a lot of problems and sleepless nights if we didn't have the scans implemented.

19:00 - OAuth 2: How It Works, Refresh Tokens, and the State Parameter - Daniele Timo Secondi, Pipedrive

How do you give external applications access to users’ data in a controlled way? You guessed it... Using OAuth (2). Here’s how the protocol works, and a few things we learned while implementing it for our Marketplace.

19:30 - Break - drinks and snacks

20:00 - If MacGyver was a search engine - Michal Špaček

Looking for something on the intertubes? Just use Google, right? But what if you're looking for publicly accessible webcams, or power plants? Or leaked databases and stolen credentials? Or HTTPS certificates that often reveal long forgotten test servers? What would MacGyver do? Well, he'd sit in the first row for this talk. We'll talk about Certificate Transparency, Shodan, interesting Google queries and more.

20:30 - More food and drinks and networking

About Pipedrive:

Pipedrive is the tool of choice for salespeople in scaling companies – the sales CRM pipeline platform that makes selling simple. Founded by seasoned sales professionals, Pipedrive launched in 2010. It is one of the fastest growing cloud-driven SaaS companies worldwide, has raised $80m in funding from investors including Insight Venture Partners, Bessemer Venture Partners, Atomico, Rembrandt Venture Partners and Paua Ventures. Today, 80,000 customers in 170 countries, and across 100+ industries leverage Pipedrive's award-winning software to manage their sales process.