The work on the application that deals with FinTech, MedTech or other kinds of sensitive PII (personal identifying information) requires high attention to security. There are different kinds of threats: risk of internal data leakage, a risk of infrastructure hacking, a risk of vulnerabilities inside the app e.t.c. This becomes even more complicated if the development or QA are outsourced. In this talk I will cover the following topics: — Protecting PII using data obfuscation during development and QA. — Secure alternatives for storing the credentials in the config files or environment variables. — Various techniques of encrypting data inside your app.


Comments are closed.

Really insightful talk about security on all fronts: Physical, software & architecture. A good talk always gives you some food for thought as well as actionable ideas - both were to be had here.

Also my harry-potter-fandom-heart really appreciated the reference to Mad Eye ;)

Really good source of things to think about, investigate deeper and eventually enforce

Evgeny at 16:17 on 22 Sep 2017

Really good speech with interesting analogies and living manner of action

I enjoyed talking to you outside, but your talk had very little to do with symfony and was something I'd expect as common sense. I think if you covered more about actually securing data within symfony OR changing the name of the talk, then I'd have a different attitude towards it.

I hope this wasn't taken badly, and I'd love to answer any questions you have about it.