Odoo Experience 2018
-
Configure Your Own Mail Server with Odoo
Nicolas Seinlet, Software Developer - OdooHecho
-
Odoo Documents: The Making of a New Application
Pierre Paridans, Developer - OdooHecho
-
How to Develop Your Own In-App Purchase Service
Antony Lesuisse, Chief Technical Officer - OdooHecho
-
Let's Create Records Faster!
Raphael Collet - Odoo DeveloperHecho
-
The IoT Box & the Cloud
Josse Colpaert, Developer - OdooHecho
-
Ask Me Anything for Developers
Antony Lesuisse, Chief Technical Officer & Olivier Dony, Platform & Security - OdooHecho
-
Visualizing Data in Odoo: How to Create a New View
Mathieu Duckerts-Antoine, Developer - OdooHecho
-
Empower Your App by Inheriting from 8 Mixins
Yannick Tivisse, Developer - OdooHecho
-
The Odoo Javascript Framework
Gery Debongnie, Lead Developer - OdooHecho
-
Odoo.sh for Developers
Denis Ledoux, Developer - OdooHecho
How to Break Odoo's Security (Or How to Prevent It)
Developer
Ubicación: Aula Magna / Foyer du Lac
-
3/10/18 14:30
-
3/10/18 15:20
(Europe/Brussels)
(50 minutos)
Olivier Dony - Software & SaaS Engineer, Security team, Odoo
Platform & Security at Odoo
Olivier Dony - Software & SaaS Engineer, Security team, Odoo
Platform & Security at Odoo
Recent years have seen a steady increase in the digital threats faced by businesses, small and large alike. The security of business and personal data becomes more and more important every day, and the arrival of new regulation such as GDPR adds legal burden to the existing business risk.
XSS, CSRF, SQL injection, broken authentication, data leak, and so on. All kinds of security problems happen every day, even to the biggest companies. We can't stop that, but we can at least prepare for it, by carefully considering the risks, and integrating best practices into daily coding tasks.
Before trying to break it, the talk will first describe the Odoo Security Model, with a quick recap of the key features built into the framework to help developers design secure Apps.
Then we'll explore a few real-life coding examples. We'll show how the security features are used in practice, and how they can be defeated if the developers are not careful, compromising the whole security of the system. Analyzing these examples will give substance and context to the security primitives, and help new and experienced developers integrate best practices into their development workflow.
XSS, CSRF, SQL injection, broken authentication, data leak, and so on. All kinds of security problems happen every day, even to the biggest companies. We can't stop that, but we can at least prepare for it, by carefully considering the risks, and integrating best practices into daily coding tasks.
Before trying to break it, the talk will first describe the Odoo Security Model, with a quick recap of the key features built into the framework to help developers design secure Apps.
Then we'll explore a few real-life coding examples. We'll show how the security features are used in practice, and how they can be defeated if the developers are not careful, compromising the whole security of the system. Analyzing these examples will give substance and context to the security primitives, and help new and experienced developers integrate best practices into their development workflow.