I attended over the past two days the #CybSec15 Cyber Security Summit event at Yverdon-Les-Bains in Switzerland. This event gathered 200 specialists in IT security with several conferences and workshops.
Yverdon is a a nice city next to a lake and is famous for their therma spa pools.
Axway and their swiss partner Smartwave were Gold Sponsor of the event and holding a booth presenting the award-winning Axway API Gateway product.
The conferences were top quality with a large panel of speakers specialists in IT security.
At the opening keynote of the first day, Fred Raynal reminded that security actually mainly concerns large companies and public administrations. Small- and mid-size companies can’t afford security experts whereas military organizations have unlimited resources to apply their own security. In both areas, there is no real market. Security becomes very important if we consider how harmful an attack can be to the business or the image of the organization. Despite this danger, nobody really cares and it’s the job of the security experts to be able to find the right arguments to convince the top management of how important it is to apply security best practices and consider security as an always evolving arena where nothing is ever granted.
At the opening keynote of the second day, we were explained in an exciting session how the police can fight cyber crime and what are the legal ways to catch the criminals including the difficulties met.
I also enjoyed very much the conference of Jérémy Matos; he explained step by step for 45 minutes how he managed to hack a mobile app to get free access to premium content of a newspaper. This was clear to everybody that the APIs consumed by the mobile apps were not properly secured due to missing security both on the client side and on the server side.
Axway and their local partner Smartwave were there to explain two major use cases for the Axway API Gateway:
- Mobility: exposing and securing mobile back-end APIs; generating secured client code; facilitating development with an SDK.
- Identity federation: single sign on through web applications (Web SSO) to access multiple services. A 45-minute conference was hold by Florent Martin of Smartwave on this topic.