SlideShare a Scribd company logo

Odoo Code Hardening [Odoo Experience 2019]

O
Olivier Dony

Security is hard. In 2019, keeping web applications secure is an incredibly difficult task, in the face of ever-increasing diversity of software security problems. The goal of this talk is to give developers hints and best practices for ensuring the security of their Odoo code and avoiding common pitfalls. Based on the famous OWASP Top 10, and a history of security trainings given in Odoo R&D, this presentation will attempt to cover the most common security bugs found in Odoo apps, describing how they work, their impact, and how to detect and fix them during code reviews. Prerequisites: some development experience, not necessarily in Odoo, but ideally in Python and/or Javascript. Most of the issues will be discussed on a high level, but there will also be a few specific code analysis examples.

Software
1 of 36
Download to read offline
Odoo CODE HARDENING One review at a time... Olivier Dony - @odony Defence Against Dark Arts :) 2019 EXPERIENCE
SECURITY MODEL
Security Model Data Access Control Apps / Business Logic
Security Model RBAC = Groups + ACL + Rules Roles Data Apps / Business Logic Access Control
Access Control is NOT implemented in menu items in screen definitions in client-side Javascript in secret methods
RISKS TOP TEN
OWASP Top Ten - 2017 A1. Injection
OWASP Top Ten - 2017 A1. Injection A2. Broken Authentication
OWASP Top Ten - 2017 A1. Injection A2. Broken Authentication A3. Sensitive Data Exposure
OWASP Top Ten - 2017 A1. Injection A2. Broken Authentication A3. Sensitive Data Exposure A4. XXE
OWASP Top Ten - 2017 A1. Injection A2. Broken Authentication A3. Sensitive Data Exposure A4. XXE A5. Broken Access Cont. / IDOR
OWASP Top Ten - 2017 A6. Security Misconfiguration
OWASP Top Ten - 2017 A6. Security Misconfiguration A7. XSS
OWASP Top Ten - 2017 A6. Security Misconfiguration A7. XSS A8. Insecure Deserialization
OWASP Top Ten - 2017 A6. Security Misconfiguration A7. XSS A8. Insecure Deserialization A9. Vulnerable Components
OWASP Top Ten - 2017 A6. Security Misconfiguration A7. XSS A8. Insecure Deserialization A9. Vulnerable Components A10. Insufficient Logging
A5. BROKEN ACCESS CONTROL
A5. BROKEN ACCESS CONTROL / IDOR #1 MISSING (OR INCORRECT) ACLs
A5. BROKEN ACCESS CONTROL / IDOR NEW MODEL ACCESS CONTROL LISTS (per-role access) RECORD RULES (per-user filters) FIELD RESTRICTIONS (sensitive data)
A5. BROKEN ACCESS CONTROL / IDOR #2 WRONG sudo() USAGE INSECURE ROUTES
A5. BROKEN ACCESS CONTROL / IDOR CONVERTERS CONVERTERS
A5. BROKEN ACCESS CONTROL / IDOR CONVERTERS TYPE
A5. BROKEN ACCESS CONTROL / IDOR CONVERTERS TYPE METHODS
A5. BROKEN ACCESS CONTROL / IDOR CONVERTERS TYPE METHODS AUTH - user - public - none
A7. XSS
A7. XSS STRING FORMATTING “<b>” + name `<b>${name}</b>` UNSAFE DESERIALIZATION eval() VULNERABLE TEMPLATES t-raw VULNERABLE LIB $.popover() FILES .svg,.html LINKS javascript: SO MANY WAYS TO ATTACK YOUR BROWSER!
A7. XSS DATA/CODE CONFUSION IN TWITTER BOOTSTRAP 4 (CVE-2019-8331) https://jsbin.com/yihinuramu/1/edit?html,output ONE MORE EXAMPLE:
A7. XSS CAN YOU SPOT THE PROBLEM? https://github.com/twbs/bootstrap/blob/master/js/src/tooltip/tooltip.js#L449-L459
A1. INJECTION
A1. INJECTION
A1. INJECTION
A1. INJECTION
A1. INJECTION
REVIEW CHECKLIST
REVIEW CHECKLIST 01 CONTROL ACCESS Groups, ACLs, Rules and Fields 02 VERIFY PERMISSIONS sudo(), controllers, private methods 03 CHECK TEMPLATES t-raw, untrusted input escaped 04 SAFE EVAL Eval only trusted input, iff impossible to avoid BLOCK INJECTIONS 05 Double-check manual SQL, shell commands, etc. XSS PREVENTION 06 DOM, Stored, Reflected, look for the signs!
THANKS! Do you have any questions? security@odoo.com @odony CREDITS: Presentation made with icons by FlatIcon. Font: Exo2 Related talks: 2018 “How to break Odoo’s Security” https://odoo.com/r/A1l 2017 “Safer Odoo Code” https://odoo.com/r/dbN

Recommended

Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)
Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)
Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)ElínAnna Jónasdóttir
 
Odoo - Create themes for website
Odoo - Create themes for websiteOdoo - Create themes for website
Odoo - Create themes for websiteOdoo
 
Odoo system presentation.pdf
Odoo system presentation.pdfOdoo system presentation.pdf
Odoo system presentation.pdfСвятослав Надозирний
 
How to show warning _ error messages in Odoo 16
How to show warning _ error messages in Odoo 16 How to show warning _ error messages in Odoo 16
How to show warning _ error messages in Odoo 16 Celine George
 
Creating Menu and Actions in Odoo 15
Creating Menu and Actions in Odoo 15Creating Menu and Actions in Odoo 15
Creating Menu and Actions in Odoo 15Celine George
 
Deploying & Scaling your Odoo Server
Deploying & Scaling your Odoo ServerDeploying & Scaling your Odoo Server
Deploying & Scaling your Odoo ServerOdoo
 
Tutorial: Develop an App with the Odoo Framework
Tutorial: Develop an App with the Odoo FrameworkTutorial: Develop an App with the Odoo Framework
Tutorial: Develop an App with the Odoo FrameworkOdoo
 
An in Depth Journey into Odoo's ORM
An in Depth Journey into Odoo's ORMAn in Depth Journey into Odoo's ORM
An in Depth Journey into Odoo's ORMOdoo
 

Recommended

Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)
Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)
Odoo Experience 2018 - How to Break Odoo Security (or how to prevent it)ElínAnna Jónasdóttir
 
Odoo - Create themes for website
Odoo - Create themes for websiteOdoo - Create themes for website
Odoo - Create themes for websiteOdoo
 
Odoo system presentation.pdf
Odoo system presentation.pdfOdoo system presentation.pdf
Odoo system presentation.pdfСвятослав Надозирний
 
How to show warning _ error messages in Odoo 16
How to show warning _ error messages in Odoo 16 How to show warning _ error messages in Odoo 16
How to show warning _ error messages in Odoo 16 Celine George
 
Creating Menu and Actions in Odoo 15
Creating Menu and Actions in Odoo 15Creating Menu and Actions in Odoo 15
Creating Menu and Actions in Odoo 15Celine George
 
Deploying & Scaling your Odoo Server
Deploying & Scaling your Odoo ServerDeploying & Scaling your Odoo Server
Deploying & Scaling your Odoo ServerOdoo
 
Tutorial: Develop an App with the Odoo Framework
Tutorial: Develop an App with the Odoo FrameworkTutorial: Develop an App with the Odoo Framework
Tutorial: Develop an App with the Odoo FrameworkOdoo
 
An in Depth Journey into Odoo's ORM
An in Depth Journey into Odoo's ORMAn in Depth Journey into Odoo's ORM
An in Depth Journey into Odoo's ORMOdoo
 
The Odoo JS Framework
The Odoo JS FrameworkThe Odoo JS Framework
The Odoo JS FrameworkOdoo
 
Fleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptxFleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptxCeline George
 
How to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in OdooHow to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in OdooOdoo
 
New Framework - ORM
New Framework - ORMNew Framework - ORM
New Framework - ORMOdoo
 
Odoo CRM Management
Odoo CRM ManagementOdoo CRM Management
Odoo CRM ManagementAhmed Abd Al Karim
 
Empower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo MixinsEmpower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo MixinsOdoo
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9sumsid1234
 
scaffold method odoo 16
scaffold method odoo 16scaffold method odoo 16
scaffold method odoo 16Celine George
 
Oracle ADF Overview for Beginners
Oracle ADF Overview for BeginnersOracle ADF Overview for Beginners
Oracle ADF Overview for BeginnersJithin Kuriakose
 
Odoo website product stock management
Odoo website product stock managementOdoo website product stock management
Odoo website product stock managementBrowseInfo Odoo Experts
 
Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15Celine George
 
How to Import data into OpenERP V7
How to Import data into OpenERP V7How to Import data into OpenERP V7
How to Import data into OpenERP V7Audaxis
 
Defining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced ViewsDefining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced ViewsCeline George
 
Odoo.sh for Developers
Odoo.sh for DevelopersOdoo.sh for Developers
Odoo.sh for DevelopersOdoo
 
View Inheritance in Odoo 15
View Inheritance in Odoo 15View Inheritance in Odoo 15
View Inheritance in Odoo 15Celine George
 
Improving the performance of Odoo deployments
Improving the performance of Odoo deploymentsImproving the performance of Odoo deployments
Improving the performance of Odoo deploymentsOdoo
 
Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)acsone
 
Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15Celine George
 
Monitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with ZabbixMonitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with ZabbixGerger
 
Odoo - Smart buttons
Odoo - Smart buttonsOdoo - Smart buttons
Odoo - Smart buttonsOdoo
 
Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]Olivier Dony
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxcgt38842
 

More Related Content

What's hot

The Odoo JS Framework
The Odoo JS FrameworkThe Odoo JS Framework
The Odoo JS FrameworkOdoo
 
Fleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptxFleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptxCeline George
 
How to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in OdooHow to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in OdooOdoo
 
New Framework - ORM
New Framework - ORMNew Framework - ORM
New Framework - ORMOdoo
 
Empower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo MixinsEmpower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo MixinsOdoo
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9sumsid1234
 
scaffold method odoo 16
scaffold method odoo 16scaffold method odoo 16
scaffold method odoo 16Celine George
 
Oracle ADF Overview for Beginners
Oracle ADF Overview for BeginnersOracle ADF Overview for Beginners
Oracle ADF Overview for BeginnersJithin Kuriakose
 
Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15Celine George
 
How to Import data into OpenERP V7
How to Import data into OpenERP V7How to Import data into OpenERP V7
How to Import data into OpenERP V7Audaxis
 
Defining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced ViewsDefining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced ViewsCeline George
 
Odoo.sh for Developers
Odoo.sh for DevelopersOdoo.sh for Developers
Odoo.sh for DevelopersOdoo
 
View Inheritance in Odoo 15
View Inheritance in Odoo 15View Inheritance in Odoo 15
View Inheritance in Odoo 15Celine George
 
Improving the performance of Odoo deployments
Improving the performance of Odoo deploymentsImproving the performance of Odoo deployments
Improving the performance of Odoo deploymentsOdoo
 
Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)acsone
 
Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15Celine George
 
Monitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with ZabbixMonitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with ZabbixGerger
 
Odoo - Smart buttons
Odoo - Smart buttonsOdoo - Smart buttons
Odoo - Smart buttonsOdoo
 

What's hot (20)

The Odoo JS Framework
The Odoo JS FrameworkThe Odoo JS Framework
The Odoo JS Framework
 
Fleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptxFleet Management Software in Odoo 15 Enterprise Edition.pptx
Fleet Management Software in Odoo 15 Enterprise Edition.pptx
 
How to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in OdooHow to Develop your own in App-Purchase Service in Odoo
How to Develop your own in App-Purchase Service in Odoo
 
New Framework - ORM
New Framework - ORMNew Framework - ORM
New Framework - ORM
 
Odoo CRM Management
Odoo CRM ManagementOdoo CRM Management
Odoo CRM Management
 
Empower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo MixinsEmpower your App by Inheriting from Odoo Mixins
Empower your App by Inheriting from Odoo Mixins
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9
 
scaffold method odoo 16
scaffold method odoo 16scaffold method odoo 16
scaffold method odoo 16
 
Oracle ADF Overview for Beginners
Oracle ADF Overview for BeginnersOracle ADF Overview for Beginners
Oracle ADF Overview for Beginners
 
Odoo website product stock management
Odoo website product stock managementOdoo website product stock management
Odoo website product stock management
 
Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15Set Default Values to Fields in Odoo 15
Set Default Values to Fields in Odoo 15
 
How to Import data into OpenERP V7
How to Import data into OpenERP V7How to Import data into OpenERP V7
How to Import data into OpenERP V7
 
Defining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced ViewsDefining Kanban View in Odoo15 | Advanced Views
Defining Kanban View in Odoo15 | Advanced Views
 
Odoo.sh for Developers
Odoo.sh for DevelopersOdoo.sh for Developers
Odoo.sh for Developers
 
View Inheritance in Odoo 15
View Inheritance in Odoo 15View Inheritance in Odoo 15
View Inheritance in Odoo 15
 
Improving the performance of Odoo deployments
Improving the performance of Odoo deploymentsImproving the performance of Odoo deployments
Improving the performance of Odoo deployments
 
Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)Budget Control with mis_builder 3 (2017)
Budget Control with mis_builder 3 (2017)
 
Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15Updating Client Interface 'on change' @api.onchange in Odoo 15
Updating Client Interface 'on change' @api.onchange in Odoo 15
 
Monitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with ZabbixMonitoring Oracle Database Instances with Zabbix
Monitoring Oracle Database Instances with Zabbix
 
Odoo - Smart buttons
Odoo - Smart buttonsOdoo - Smart buttons
Odoo - Smart buttons
 

Similar to Odoo Code Hardening [Odoo Experience 2019]

Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]Olivier Dony
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxcgt38842
 
Software Development Weaknesses - SecOSdays Sofia, 2019
Software Development Weaknesses - SecOSdays Sofia, 2019Software Development Weaknesses - SecOSdays Sofia, 2019
Software Development Weaknesses - SecOSdays Sofia, 2019Balázs Tatár
 
Real time data analytics - Part 2 - Sensors & Internet of Things
Real time data analytics - Part 2 - Sensors & Internet of ThingsReal time data analytics - Part 2 - Sensors & Internet of Things
Real time data analytics - Part 2 - Sensors & Internet of ThingsAmazon Web Services
 
OWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxOWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxnmk42194
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxjohnpragasam1
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxazida3
 
Best Practices for API Design to Keep Your App Secure, Scalable & Efficient
Best Practices for API Design to Keep Your App Secure, Scalable & EfficientBest Practices for API Design to Keep Your App Secure, Scalable & Efficient
Best Practices for API Design to Keep Your App Secure, Scalable & EfficientNordic APIs
 
How To Break Odoo's Security [Odoo Experience 2018]
How To Break Odoo's Security [Odoo Experience 2018]How To Break Odoo's Security [Odoo Experience 2018]
How To Break Odoo's Security [Odoo Experience 2018]Olivier Dony
 
Guidelines to protect your APIs from threats
Guidelines to protect your APIs from threatsGuidelines to protect your APIs from threats
Guidelines to protect your APIs from threatsIsabelle Mauny
 
The Dev, Sec and Ops of API Security - API World
The Dev, Sec and Ops of API Security - API WorldThe Dev, Sec and Ops of API Security - API World
The Dev, Sec and Ops of API Security - API World42Crunch
 
Внедрение безопасности в веб-приложениях в среде выполнения
Внедрение безопасности в веб-приложениях в среде выполненияВнедрение безопасности в веб-приложениях в среде выполнения
Внедрение безопасности в веб-приложениях в среде выполненияPositive Hack Days
 
Owasp top 10 web application security risks 2017
Owasp top 10 web application security risks 2017Owasp top 10 web application security risks 2017
Owasp top 10 web application security risks 2017Sampath Bhargav Pinnam
 
API Security: the full story
API Security: the full storyAPI Security: the full story
API Security: the full story42Crunch
 
Building Secure Apps in the Cloud
Building Secure Apps in the CloudBuilding Secure Apps in the Cloud
Building Secure Apps in the CloudAtlassian
 
Ryan Smith's talk from the AWS Chicago user group May 22 - Security
Ryan Smith's talk from the AWS Chicago user group May 22 - Security Ryan Smith's talk from the AWS Chicago user group May 22 - Security
Ryan Smith's talk from the AWS Chicago user group May 22 - Security AWS Chicago
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesLacework
 
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...Ioan Eugen Stan
 
10 Mistakes Hackers Want You to Make
10 Mistakes Hackers Want You to Make10 Mistakes Hackers Want You to Make
10 Mistakes Hackers Want You to MakeJoe Kutner
 
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
 

Similar to Odoo Code Hardening [Odoo Experience 2019] (20)

Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]Safer Odoo Code [Odoo Experience 2017]
Safer Odoo Code [Odoo Experience 2017]
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
Software Development Weaknesses - SecOSdays Sofia, 2019
Software Development Weaknesses - SecOSdays Sofia, 2019Software Development Weaknesses - SecOSdays Sofia, 2019
Software Development Weaknesses - SecOSdays Sofia, 2019
 
Real time data analytics - Part 2 - Sensors & Internet of Things
Real time data analytics - Part 2 - Sensors & Internet of ThingsReal time data analytics - Part 2 - Sensors & Internet of Things
Real time data analytics - Part 2 - Sensors & Internet of Things
 
OWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxOWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptx
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
Best Practices for API Design to Keep Your App Secure, Scalable & Efficient
Best Practices for API Design to Keep Your App Secure, Scalable & EfficientBest Practices for API Design to Keep Your App Secure, Scalable & Efficient
Best Practices for API Design to Keep Your App Secure, Scalable & Efficient
 
How To Break Odoo's Security [Odoo Experience 2018]
How To Break Odoo's Security [Odoo Experience 2018]How To Break Odoo's Security [Odoo Experience 2018]
How To Break Odoo's Security [Odoo Experience 2018]
 
Guidelines to protect your APIs from threats
Guidelines to protect your APIs from threatsGuidelines to protect your APIs from threats
Guidelines to protect your APIs from threats
 
The Dev, Sec and Ops of API Security - API World
The Dev, Sec and Ops of API Security - API WorldThe Dev, Sec and Ops of API Security - API World
The Dev, Sec and Ops of API Security - API World
 
Внедрение безопасности в веб-приложениях в среде выполнения
Внедрение безопасности в веб-приложениях в среде выполненияВнедрение безопасности в веб-приложениях в среде выполнения
Внедрение безопасности в веб-приложениях в среде выполнения
 
Owasp top 10 web application security risks 2017
Owasp top 10 web application security risks 2017Owasp top 10 web application security risks 2017
Owasp top 10 web application security risks 2017
 
API Security: the full story
API Security: the full storyAPI Security: the full story
API Security: the full story
 
Building Secure Apps in the Cloud
Building Secure Apps in the CloudBuilding Secure Apps in the Cloud
Building Secure Apps in the Cloud
 
Ryan Smith's talk from the AWS Chicago user group May 22 - Security
Ryan Smith's talk from the AWS Chicago user group May 22 - Security Ryan Smith's talk from the AWS Chicago user group May 22 - Security
Ryan Smith's talk from the AWS Chicago user group May 22 - Security
 
Practical Guide to Securing Kubernetes
Practical Guide to Securing KubernetesPractical Guide to Securing Kubernetes
Practical Guide to Securing Kubernetes
 
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...
Modern authentication in Sling with Openid Connect and Keycloak - Adapt.to 20...
 
10 Mistakes Hackers Want You to Make
10 Mistakes Hackers Want You to Make10 Mistakes Hackers Want You to Make
10 Mistakes Hackers Want You to Make
 
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...
 

Recently uploaded

Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 

Recently uploaded (20)

CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 

Odoo Code Hardening [Odoo Experience 2019]