Slack App Security: Securing your Workspaces from a Bot Uprising
Kelly Ann, Nikki Brandt at AppSec California 2019
Slack’s developer platform has some powerful functionality that allows you to customize your org’s workflow. But with great power comes great responsibility. While Slack has a robust security posture, do you suffer from insomnia pondering the security aspects of third-party apps? Are coworkers pleading with you to install Slack apps with scopes that frighten you? Join Kelly and Nikki as we walk through the history of the Slack app directory, the unique security problems surrounding it, and what Slack’s doing to make it easier for you and all our users to sleep at night.
Speakers
Kelly Ann
Security Engineer, Slack
Kelly Ann is a security engineer on the Product Security team at Slack, where she works on vulnerability assessments of Slack features, as well as educational materials for security best practices for developers. Before joining Slack, Kelly was a penetration tester at NCC Group.
Nikki Brandt
Product Security Engineer, Slack
Nikki Brandt is a Product Security Engineer at Slack, where she currently leads the security review process and performs internal security assessments of the platform. Before joining Slack, Nikki was a senior security consultant at Matasano Security and NCC Group.
Speakers
Kelly Ann
Security Engineer, Slack
Kelly Ann is a security engineer on the Product Security team at Slack, where she works on vulnerability assessments of Slack features, as well as educational materials for security best practices for developers. Before joining Slack, Kelly was a penetration tester at NCC Group.
Nikki Brandt
Product Security Engineer, Slack
Nikki Brandt is a Product Security Engineer at Slack, where she currently leads the security review process and performs internal security assessments of the platform. Before joining Slack, Nikki was a senior security consultant at Matasano Security and NCC Group.