Talk in English - US at Dutch PHP Conference 2017
View Slides: https://www.slideshare.net/relaxnow/beating-the-pentester
Short URL: https://joind.in/talk/f8142
You've done it, completed the project, on time and within the budget!
Now the customer says we need to have this audited by a security firm. Uh oh... what will he find? What impact will the results have on our deadlines?
In this talk we will examine what it takes to build security in with development and beat the pentester.
We'll cover topics like Threat Modelling, Validation, Encoding and Defense in Depth with real-world vulnerabilities and practical examples in an Agile context, and learn how to remediate those vulnerabilities by using best practices.
You'll walk away with useful principles, practices and techniques to improve the security of your applications.
Comments
Good talk about an important subject often neglected. The speaker seemed to be in control of the subject.
Would have been nice to see more code examples of what to do and not to do.
Expected a bit more of this talk because I think everybody is aware of the basic security measures. It would be more interesting if there were more practical examples of what to do and not to do, tooling, etc.
Good overview of topics
The talk was about basic security practices, while I expected a bit more explanation about how you can act like a pentester and find stuff in your own code. The presentation itself was great.