Fancy Bear, Stone Panda, Lazarus, Charming Kitten and Equation Group are Advanced Persistent Threat groups. Woah... sounds scary! What are the threats from these groups? Do we really need to worry about them or do they just make attention grabbing news stories? In this talk, Robin will explore why APT groups might not be the thing that application developers need to worry about and the things that should get attention in application security. You'll see some tools and techniques that help find the important problems to work on and the ways to resolve those problems. This is real world appsec.

Do you mostly write DTO classes, property bags with data from database or from APIs? Do you name every class in the service layer managers, processors, or services? Are you disappointed that you can't do DDD as your day to day job is to build simple CRUDy APIs? Then, come and join my talk to discuss how we can domain driven design our API development. You will be surprised that you can benefit from DDD with even the simplest CRUD APIs by putting all validation and business logic in central domain models, not scattering them around.