Building a secure service or application can be challenging, but it doesn't need to be. The Twilio Security team has developed a guide to securing applications based on what we see our customers do well and where mistakes happen. This talk focuses on practical and easy ways to be secure. As examples:
- How to secure keys and credentials in applications. We will walk through how to manage API and other credentials.
- How Twilio is protecting developers when app credentials do go astray.
- How to securely authenticate users comparing different authorizations such as OAuth.
- How to detect breaches and what Twilio does to monitor and detect potential breaches in AWS.