Digital Identity In The Age Of Fintech

By Sheetal Joseph, Alessandro Avagliano, Guido Reismueller, Benoit Flippen, Travis Carelock on 08 Apr 2022 @ Nullcon
📹 Video
#identity-management #access-management #authentication #authorization #mfa #saml #sso
Focus Areas: 🪪 Identity & Access Management, 🌐 Web Application Security

Presentation Material

AI Generated Summary

The speaker, an expert in fintech security, discusses the importance of securing production infrastructure from insider threats. They emphasize the need for a robust security process for accessing production systems, including short-lived tokens and the four-eyes principle to ensure accountability.
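
A minimal sketch of how the two controls named above can be combined, as an added example that is not taken from the talk: a token for a production resource is issued only after a second, different person approves, and it expires after a fixed lifetime. The function names, the claim names, the HMAC key and the 15-minute lifetime are all assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key"  # assumption: held only by the access broker
TTL_SECONDS = 900                 # assumption: 15-minute token lifetime


def _sign(payload: bytes) -> bytes:
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest().encode()


def issue_token(requester, approver, resource, now=None):
    """Issue a token only if a second, different person approved the request."""
    if not approver or approver == requester:
        raise PermissionError("four-eyes: approval by a different person is required")
    now = int(time.time() if now is None else now)
    # The approver is recorded in the token so every use is attributable to two people.
    claims = {"sub": requester, "apr": approver, "res": resource,
              "exp": now + TTL_SECONDS}
    payload = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return (payload + b"." + _sign(payload)).decode()


def verify_token(token, resource, now=None):
    """Return the claims if signature, expiry and resource all check out."""
    now = int(time.time() if now is None else now)
    try:
        payload, sig = token.encode().rsplit(b".", 1)
    except ValueError:
        raise PermissionError("malformed token")
    # Constant-time comparison; the signature is checked before the payload is parsed.
    if not hmac.compare_digest(sig, _sign(payload)):
        raise PermissionError("bad signature")
    claims = json.loads(base64.urlsafe_b64decode(payload))
    if now >= claims["exp"]:
        raise PermissionError("token expired")
    if claims["res"] != resource:
        raise PermissionError("token not valid for this resource")
    return claims
```
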

To mitigate insider threats, the speaker suggests:

  1. Contracts with clear requirements based on role-specific risks.
  2. Understanding system processes through threat modeling to identify potential internal threats.
  3. Implementing an internal bug bounty program to incentivize employees to report vulnerabilities and weaknesses in the system.

Additionally, they highlight the importance of understanding business processes before conducting threat modeling and implementing multiple security layers, including 2FA and monitoring, to minimize risks.

Overall, the speaker emphasizes that securing production infrastructure requires a multi-faceted approach, involving contractual requirements, threat modeling, bug bounty programs, and robust security measures.

Disclaimer: This summary was auto-generated from the video transcript using AI and may contain inaccuracies. It is intended as a quick overview; always refer to the original talk for authoritative content.