Best Practices II

  • TYPE: Combined Session DATE: Wednesday, May 13, 2020 TIME: 17:30-18:30 LOCATION: AMMERSEE II


Picture this: you work at an enterprise, with a traditional IT organisation, mostly comprised to people that have been with the company for many years and manages lots of Personal and Non Personal Accounts on multiple platforms. There is this new thing called DevOps and it seems to match the Scrum methodology your developers like. So you decide to reorganize to DevOps. Some of your older employees don't want to make the transition with the attached challenges to the way they work and decide to take an early retirement This forces you to source some of the technical support functions to your offshore ventures in Eastern Europe. At the same time you want to make the new DevOps teams responsible for the entire stack, spreading the responsibility for account management to multiple teams. And after blinking twice you suddenly find you have several thousand of Non-Personal Accounts around that nobody seems to own or know what they are for. And nobody dares to delete them, because maybe you need them for some process that runs only once a year. Obviously this would never happen to you, right? But it happened to us and it could happen to you too! 
In this talk, we explain how we drained the swamp and got back in control over our NPA's. It involves good old fashioned detective work, password vaults, smart repositories connecting different data sources, some automation and some bold decisions.

Key takeaways: 

  • Understand the steps you need to take to get back in control
  • Understand where responsibility should be and why
  • Understand some of the tooling and automation you can use


Jan-Joost stumbled into IT almost 20 years ago, starting on a temp job for 5 days that lasted 7 years. During these 20 years he has been mostly on the functional and process side of things, having worked as tester, designer, information analyst, project manager, application manager, change...

Léon Janson has been working within Risk management and IT at ING since the late nineties. He started at Credit Risk management where he developed and implemented a world-wide Credit Risk Reporting datawarehouse. Next he managed several IT Operations teams within the Retail bank. During...

In recent years we have seen a great deal of attention to the topic of security analysis in smart contracts, especially those developed for the Ethereum blockchain. Hence, it seems there is an ever-growing demand for secure smart contracts to protect what could potentially be worth billions. In this work, I introduced Etherolic as a robust, scalable and efficient tool for performing precise security analysis on smart contracts. This tool works based on a successful combination of dynamic taint tracking (DTA) and concolic testing that allows users to analyze the bytecode of smart contracts being run on the Ethereum Virtual Machine. Therefore, Etherolic is not only able to identify a wide spectrum of vulnerabilities but also generates precise exploits to trigger unknown vulnerabilities in the contracts. In order to demonstrate the usefulness of the approach, I evaluated Etherolic on a crafted benchmark suite, comprising 12 real-world and synthetic contracts along with 98 safety features. The result of the evaluation reveals 204 hidden security violations in the benchmarks.



Stay Connected

Munich, Germany


European Identity & Cloud Conference 2020

Registration fee:
€2100.00 $2625.00 S$3360.00 23100.00 kr
Mastercard Visa American Express PayPal INVOICE
Contact person:

Mr. Levent Kara
+49 211 23707710
  • May 12 - 15, 2020 Munich, Germany


The European Identity & Cloud Conference 2020 is proud to present a large number of partners
Learn more

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00