We all know security is hard. If your originally small open-source project that targeted home-users is suddenly attracting big enterprises with high security requirements as users, it’s probably even harder.
This talk will cover the highlights of the four year long security story of ownCloud (owncloud.org), an open-source file-sync and share solution used by millions of persons world-wide.
A lot has happened in these 4 years. The recent addition of the Bug Bounty program being a notable example.
So let’s reflect: What has potentially gone wrong? What could have been better and was everything we’ve done really a good idea?
We all know security is hard. If your originally small open-source project that targeted home-users is suddenly attracting big enterprises with high security requirements as users, it’s probably even harder.
This talk will cover the highlights of the four year long security story of ownCloud (owncloud.org), an open-source file-sync and share solution used by millions of persons world-wide.
A lot has happened in these 4 years. The recent addition of the Bug Bounty program being a notable example.
So let’s reflect: What has potentially gone wrong? What could have been better and was everything we’ve done really a good idea?
