Security, Summertime, and Sardines
‘Twas an afternoon Zoom call sometime in April when a small group of Dashlane engineering leaders thought of hosting a security event. After doing many talks at larger conferences, we wanted to have our very own space where we could talk about what's under the hood on our own terms.
'Until recently, Dashlane Engineering had been primarily centered around our New York and Paris hubs. But for the past few years (COVID-permitting), we have been able to build out Engineering teams in our Lisbon hub, too. The security seminar we discussed on that call would be a great opportunity to welcome the Portugal tech community to Dashlane.
With a long list of security events happening in June, it was only natural to add ourselves to this busy month. June in Lisbon is known to be very lively for its street parades and BBQing due to its famous Santos Populares parties. The whole city celebrates the month with a hefty amount of the local catch: Juicy, meaty sardines. We wanted to host an informal event that had the power to attract both the experts and the curious, so we decided to combine security with sardines and hoped for the best.
The seminar started off with Olga Carvalho’s “From Guardians to Hunters” session. Olga presented us with an analytical take on identity threats, meticulously explaining how they unravel and how we might model them.
Next up, Tiago Mendo’s "“Security Scanning in CI/CD” session focused on how we might prevent vulnerabilities by scanning code without ever getting in the way of the product. That's a common challenge security teams have: Determining how much friction we can add to our SDLC before developer experience becomes unbearable.
Tiago set the scene well for our very own Rew Islam, who shared the work we have been pioneering around passkeys. These locally stored, system-generated cryptographic keys are the ultimate innovation in securing online experiences. Learn more about passkeys here.
Andre Grilo took over and persisted with the outward-looking vein with his tale around the impact of quantum computing. His startup, QNova, provides solutions that leverage post-quantum cryptography in a future world where being quantum-resistant makes a significant difference for businesses. Our CISO recently wrote a post about it here.
To wrap up our seminar, Paulo Silva gave us a live demo of how easily unprotected APIs can be abused, drawing upon his work at Char49. His point was made very clear the moment he was able to order hundreds of limited hoodies through a scalper bot abusing an unrestricted API. Sound familiar?
The evening ended up on the terrace of our newest Lisbon office in Penha de França. A makeshift playlist ran in the background while attendees, speakers, and Dashlaners mingled discussing the seminar, summertime, and sardines.
Thanks to all those who participated. Keep an eye out for more events, and check our open positions if you’re interested in joining the fun.
Sign up to receive news and updates about Dashlane