Join WiCyS Minnesota’s Jessa Gegax as she presents at CypherCon on Salesforce Snafus: Unveiling and Exploiting Security Misconfigurations Using Commonly Used Widgets. 

This talk explores how to leverage the nooks and crannies of Salesforce to find and abuse misconfigurations that chain together and create serious vulnerabilities that leak sensitive data to adversaries. It highlights that security concerns still exist on applications built on a well-known CRM tool with declarative or “point-and-click” development, where to discover them, and how they can be remediated. It provides a real-world scenario of using various Salesforce widgets to find security vulnerabilities like Insecure Direct Object References (IDORs) and Broken Authorization as a means of stealing sensitive client information. It offers solutions for detection and prevention for these elevated attacks that relate to common security best practices. At the end of this discussion, you will walk away with better awareness of the vulnerabilities existing in Salesforce, how they can be discovered, remediated, then prevented. You may even learn a new trick or two on how to think like a hacker when building your company’s next communication tool!

Wisconsin’s Largest Technology Conference, a Cybersecurity Summit & Hacker event! All are welcome! We are anticipating selling out with over 2000 attendees! Meet with new and old local friends. The event offers 90 +/- presentations covering five tracks on topics such as Technology, AI, Risk, Careers, Cybersecurity Offensive (Red Team), Cybersecurity Defensive (Blue Team), Executive / CIO / CISO talks, or just come relax in our casual environment!

Register HERE