AppSec California 2020, January 21-24 at the Annenberg Beach House, Santa Monica, CA
Back To Schedule
Friday, January 24 • 11:55am - 12:45pm
Protecting the Bridge from Dollars to Bitcoin: Securing Coinbase’s Edge Payments Infrastructure

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Integrating with fiat payments systems globally challenges the maturity of an entire security program. A security issue leads to identity theft and direct money loss, but integration is often a critical business priority. These payment systems span many types of architectures introducing more complexity and bugs. We’ll go over the typical API patterns and follow the lifecycle of an entire payment from pre-payment to reconciliation and map common payments vulnerabilities and remediation to their application security equivalents. We’ll go over how Coinbase has adapted traditional AppSec tools like 3rd party vendor reviews, threat modelling, static analysis, security champions, and bug bounties to the payments world to find and eliminate money loss and personal data loss bugs. We’ll even go through some of the privacy conundrums involved with interacting with the current financial system.

avatar for Nishil Shah

Nishil Shah

Application Security Engineer, Coinbase
I currently work on the Application Security team at Coinbase where I work on securing our payments infrastructure along with maintaining Salus, Coinbase's security scanning orchestration tool.

Friday January 24, 2020 11:55am - 12:45pm PST
Garden Terrace Room