Securing Third Party Applications at Scale - AppSecCali 2019
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore best practices for securing third-party applications at scale in this 34-minute conference talk from AppSecCali 2019. Learn how Salesforce manages security across thousands of applications on their AppExchange platform. Discover effective tooling, processes, and manual review techniques that have prevented numerous vulnerabilities from reaching users. Gain insights into automating security checks, conducting manual reviews, and developing flexible processes that adapt to evolving threats like credential stuffing. Understand how to balance automation with human expertise to significantly reduce risk for your company when dealing with third-party applications. Benefit from the speakers' experience in overseeing the AppExchange security review process and their focus on security education.
Syllabus
Introduction
Agenda
Introductions
Salesforce App Exchange
Types of Third Party Applications
Building a HighLevel Process
Define the Problem
Baseline
Trailhead
Remediation
Review Information
Securitys Never Done
Salesforce
Evangelization
Operation Team
Tools
Taught by
OWASP Foundation
Related Courses
Web App Testing - EnumerationCyber Mentor via YouTube Full Ethical Hacking Course - Beginner Network Penetration Testing
Cyber Mentor via YouTube Zero to Hero Pentesting - Exploitation, Shells, and Some Credential Stuffing
Cyber Mentor via YouTube Top Active Directory Attacks - Understand, then Prevent and Detect
RSA Conference via YouTube Protecting Accounts from Credential Stuffing with Password Breach Alerting
USENIX via YouTube