May 19, 2009, 18:50 by chance
I agree with brandon, it was a great primer and review on security but could use a little bit more oomph. Overall, amazing talk that gave me some things to chew on.
Web Application Security Boot Camp
Christian Wenz (May 19, 2009 at 05:00)
Talk at php|tek 2009 (English - US)
According to a recent study, 9 out of 10 web sites have security vulnerabilities. Be web site #10 and learn in this tutorial how to write secure PHP code. We will cover common (and not so common) attacks and discuss countermeasures. Further featured topics include protection against automated HTTP requests, securing web services, and potential implications of heavy Ajax use. Tales from security audits will motivate you to fix your code. Believe me.
Quicklink: http://joind.in/173
Comments
May 19, 2009, 19:14 by elazar
Sufficient coverage of the basics with practical examples. Was hoping to learn something new, but had seen relatively similar talks in the past (such as Chris Shiflett's Security 2.0 talk) and was disappointed as a result. A bit dry, though saved by an occasional bit of humor. Agree with previous comments: it's a good talk, not a great talk.
May 20, 2009, 18:35 by rdohms
Have to agree, its an awesome talk for the beginners who do not know where to go yet, but for more weathered users, we need the extra "something" to go beyond. But a great session to remember stuff you should not forget.
May 19, 2009, 18:10 by brandonsavage
Lots of good info but pretty basic stuff that every developer should know. Need that extra oomph. Still, overall a phenomenal talk.