Food Safety Trends 2020. Free Online Mitap April 21

Let's talk about new trends, approaches, tools and challenges that arise in front of information security departments today. Cloud data storage, work with third-party vendors and solutions, security review automation in the conditions of continuous development and release process, and much more - at the free online meeting Wrike TechClub. Registration - until April 21.

The program includes :

1. Grigory Streltsov, Wrike - “Automation of Safe Development”

Large enterprise products are faced with the need to automate their daily routine, including in terms of information security. Together with other departments of the company, we came up with an automation process based on a number of open source solutions and Burp Suite. Burp Suite is a popular vulnerability assessment tool. I will tell you how to integrate it into the existing development cycle, show what difficulties you may encounter, and discuss together all the advantages and disadvantages of a configured system.

2. Dmitry Desyatkov, Wrike - “Do not believe anyone!”

It is very difficult to imagine a product that would do without third-party libraries, vendors or integrations. They save development time, give more opportunities and make the product more competitive. But you have to pay for everything. The safety of the weakest part of the product determines the safety of the entire product. Let's discuss the types of third party components and what can be done to minimize the risks of working with them.

3. Sergey Belov, Mail.ru - We release safe features v2

This report will continue a series of questions and answers in modern AppSec. We will try to disassemble the complex cases of modern design and come up with optimal and safe solutions for them.

4. Oleg Maslennikov, TsIAN - “Securing Microservice Architecture in Kubernetes”

Active development of DevOps ideas and microservice architecture has led to the popularization of containerization in mass volumes, when the product is represented by hundreds of microservices. This situation made it necessary to somehow manage the work and layout of all these microservices. The most popular solution to this problem is Kubernetes. In addition to solving operational problems, it also allows you to deal with some common problems in the field of information security inherent in microservice applications. But the functionality provided by Kubernetes often has unobvious or clearly undeclared pitfalls. I’ll tell you how Kubernetes works internally, how it differs from a simple Docker and what security features it has in various configurations.

5. Julia Omelyanenko, Wrike - COVID-19: don't let the virus get into your network from the air

Food safety is not limited to the food environment, the human factor remains its main engine. The current situation in the world has given impetus to the development of telecommuting. But the attackers are on the alert and come up with new attack vectors, keeping pace with the times. We’ll talk about approaches to meeting corporate security requirements and how they can help you.

6. Alexandra Svatikova, Odnoklassniki - “Security of the user account - a look from the inside of the online service”

In the report, I will tell you where the hacked accounts come from and why the absence of vulnerabilities does not guarantee the complete safety of users of the social network. Then we try to understand why, with all its simplicity and clarity ,redential stuffing is the most common way to attack online services. I will share our observations of such attacks over the past few years and the experience of implementing measures to counter them, as well as talk about the problems that we encountered along the way.

- Registration