Great talk with a lot of pointers on how to start an internal security testing process.
It is something not a lot of companies are doing, but could save a company a lot of headaches and money.
The speaker had a consistent and clear explanation. Punctual and methodically, speaker could also entertaining the audience.
Could answer all questions from the audience. And discussing comprehensive with visitors who illuminate the subject differently .
The beautiful sheets gave clear information.
For me this is great info on what tools to use to test my own apps.
What we missed is info on how to prevent these attacks (using PHP). Understandable because the talk could easily become too long, but maybe you can add some urls to specific resources in your slides? I will look up some and post them on meetup.