Video details

Functionality Abuse: The Forgotten Class of Attacks

10.04.2017 at Node.js Interactive


Nwokedi Idika (Google)

If you were given a magic wand that would remove all implementation flaws from your web application, would it be free of security problems?
If it took you more five seconds to say “No!” (or if, worse, you said “Yes!”), then you’re the target audience for this talk.
If you’re in the target audience, don’t fret, much of the security community is there with you.
After this talk, attendees will understand why the answer to the abovementiond question is an emphatic “No!” and they will learn an approach to decrease their chance of failing to consider an important vector of attack for their current and future web applications.
Nwokedi Idika is a member of Nightwatch, Google’s product-focused privacy team. Prior to engaging product teams on privacy issues at Google, he spent a couple of years building solutions to malicious automated threats at Shape Security and a few years at MIT Lincoln Lab working on quantifying trust and approaches to improve cyber defenders’ situational awareness. He earned his Ph.D. and Master's in CS from Purdue University and a B.S. in CS from the University of Maryland, Baltimore County.