Data Driven Web Application Security


The security posture of an application is directly proportional to the amount of information that is known about the application. How can we, as web application security practitioners, take advantage of application metrics to improve the security posture of our product? This talk will explore the ways that application data and metrics can be taken advantage of to create effective defenses for web applications today. We’ll outline the fundamental classes of web application security mechanisms and once an understanding of the domain is established, we’ll explore several specific examples that outline how Etsy’s security team uses metrics, analytics and big data every day to solve hard, interesting problems and create a safer experience for millions of users all over the world.

Aug 30, 2013
Las Vegas, NV