I attended the Cyber Security Summit (#CybSec15) in Yverdon, Switzerland. This event gathered over 200 IT security specialists, along with conferences and workshops.
Yverdon is a nice city next to a lake and is famous for its thermal spa pools.
Axway and their Swiss partner SmartWave were Gold Sponsors of the event and holding a booth presenting the award-winning Axway API Gateway product.
The conferences were top quality with a large panel of speakers specialists in IT security.
At the opening keynote of the first day, Fred Raynal reminded that security actually mainly concerns large companies and public administrations. Small- and mid-size companies can’t afford security experts whereas military organizations have unlimited resources to apply their own security. In both areas, there is no real market. Security becomes very important if we consider how harmful an attack can be to the business or the image of the organization. Despite this danger, nobody really cares and it’s the job of the security experts to be able to find the right arguments to convince the top management of how important it is to apply security best practices and consider security as an always evolving arena where nothing is ever granted.
At the opening keynote of the second day, we were explained in an exciting session how the police can fight cybercrime and what are the legal ways to catch the criminals including the difficulties met.
I also enjoyed very much the conference of Jérémy Matos; he explained step by step for 45 minutes how he managed to hack a mobile app to get free access to the premium content of a newspaper. This was clear to everybody that the APIs consumed by the mobile apps were not properly secured due to missing security both on the client side and on the server side.
Axway and their local partner SmartWave were there to explain two major use cases for the Axway API Gateway:
- Mobility: exposing and securing mobile back-end APIs; generating secured client code; facilitating development with an SDK.
- Identity Federation: single sign-on through web applications (Web SSO) to access multiple services. A 45-minute conference held by Florent Martin of Smartwave on this topic.
Learn all about the six tactics you need to secure your APIs.