BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//WiCyS - Women in Cybersecurity - ECPv6.16.4.1//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://www.wicys.org
X-WR-CALDESC:Events for WiCyS - Women in Cybersecurity
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:UTC
BEGIN:STANDARD
TZOFFSETFROM:+0000
TZOFFSETTO:+0000
TZNAME:UTC
DTSTART:20240101T000000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;VALUE=DATE:20250403
DTEND;VALUE=DATE:20250405
DTSTAMP:20241125T183004Z
CREATED:20241125T183004Z
LAST-MODIFIED:20241125T183004Z
UID:10001964-1743638400-1743811199@www.wicys.org
SUMMARY:WiCyS Minnesota | CypherCon: “Salesforce Snafus: Unveiling and Exploiting Security Misconfigurations Using Commonly Used Widgets”
DESCRIPTION:Join WiCyS Minnesota’s Jessa Gegax as she presents at CypherCon on Salesforce Snafus: Unveiling and Exploiting Security Misconfigurations Using Commonly Used Widgets.  \nThis talk explores how to leverage the nooks and crannies of Salesforce to find and abuse misconfigurations that chain together and create serious vulnerabilities that leak sensitive data to adversaries. It highlights that security concerns still exist on applications built on a well-known CRM tool with declarative or “point-and-click” development\, where to discover them\, and how they can be remediated. It provides a real-world scenario of using various Salesforce widgets to find security vulnerabilities like Insecure Direct Object References (IDORs) and Broken Authorization as a means of stealing sensitive client information. It offers solutions for detection and prevention for these elevated attacks that relate to common security best practices. At the end of this discussion\, you will walk away with better awareness of the vulnerabilities existing in Salesforce\, how they can be discovered\, remediated\, then prevented. You may even learn a new trick or two on how to think like a hacker when building your company’s next communication tool! \n  \nWisconsin’s Largest Technology Conference\, a Cybersecurity Summit & Hacker event! All are welcome! We are anticipating selling out with over 2000 attendees! Meet with new and old local friends. The event offers 90 +/- presentations covering five tracks on topics such as Technology\, AI\, Risk\, Careers\, Cybersecurity Offensive (Red Team)\, Cybersecurity Defensive (Blue Team)\, Executive / CIO / CISO talks\, or just come relax in our casual environment! \n  \nRegister HERE
URL:https://www.wicys.org/event/wicys-minnesota-cyphercon-salesforce-snafus-unveiling-and-exploiting-security-misconfigurations-using-commonly-used-widgets/
LOCATION:Baird “Wisconsin” Center\, 400 W Wisconsin Ave\, Milwaukee\, WI\, 53203\, United States
CATEGORIES:WiCyS Affiliate
ATTACH;FMTTYPE=image/png:https://www.wicys.org/wp-content/uploads/2024/11/Jessa-Gegax-Speaking-Engagement-Minnesota-Shield.png
ORGANIZER;CN="WiCyS Minnesota Affiliate":MAILTO:WiCySMinnesota@wicys.org
END:VEVENT
END:VCALENDAR