Canary in the Datamines: Using Log Canary to find PII

von · Nov 5, 2020 · 62 Besichtigungen ·

Loco Moco Security Conference

Why is it that sensitive data always seems to end up places it shouldn't? We won't answer that exact question in this talk, but we *will* tell you about a tool that we wrote to combat the problem. Log Canary is a tool we wrote to continuously probe our product for places where PII might be leaked into logs, so that we can resolve the issue before any real data is written. Join us as we explain the concept of Log Canary and go over lessons we learned in its development and deployment.