On the Frontlines - Securing a Major Cryptocurrency Exchange

Explore the frontlines of securing a major cryptocurrency exchange in this one-hour conference talk from AppSecCali 2019. Delve into the unique challenges faced by cryptocurrency exchanges, including high-speed transactions, lack of traceability, and multi-national operations that attract both small-time thieves and well-financed attackers. Learn about website and API attacks, sophisticated account takeover attempts, malicious code in third-party components, and security threats to underlying cryptocurrencies. Discover novel defense strategies implemented by exchanges to combat these threats. Gain insights from Neil Smithline, Security Architect at Circle and co-leader of the OWASP Top-10, as he shares his extensive experience in application security. Examine the exchange architecture, explore various attack vectors, and understand best practices for securing cryptocurrency platforms. Cover topics such as wallets, user accounts, blockchain problems, and risky behaviors in the crypto world.

Intro
Who is Polonius
What are crypto currencies
Exchange Page
Exchange Architecture
Why are exchanges such a juicy target
Application layer attacks
Wallets
User Accounts
Twitter Users
Helping Users
Other Security Features
Risky Behavior
Blockchain Problems
Reorganization
Ethereum Classic
Attack Strategy
Best Practices
Questions
How dynamic is this