An AppSec guide to practical cryptography

When (day): Mon
At: 18:00 - 19:00

About this session

Cryptography is vital to protect sensitive information and secure communication in today’s applications and services. With the increasing amount of sensitive data being transmitted and stored electronically, cryptography plays an important role in ensuring the privacy and security of individuals, organizations, and governments.

This is a fresh topic based on sessions I have delivered at work.

In this session, we will:

  1. cover the functions of cryptography in the system and discuss its applicability across the stack (networking, secrets and credentials handling, access control, digital signatures, etc.) alongside the CIA triad.
  2. go over a high-level understanding of hashing, encoding and encryption.
  3. perform a mini cryptography security review with a practical use case, and discuss questions to ask about the system and the cryptography algorithms/primitives to consider.
  4. cover what to look for in a threat model for cryptography.