Workshop in English - US at Madison PHP Conference 2016
View Slides: https://ilia.ws/files/madison-security-tutorial.pdf
Short URL: https://joind.in/talk/61167
(QR-Code (opens in new window))
Application Security Nuts to Bolts
Comments are closed.
Excellent talk from an obviously knowledgeable speaker. Was able to answer questions clearly and coherently. Glad I attended. Thank you!
This session alone was worth the price of admission to the whole conference! Ilia really knows his stuff. I left with several ideas of how I can improve my projects and a pile of things to read up on. Thank you!
Great talk - very relatable and informative to anyone building websites or web applications. Ilia is definitely a subject matter expert!
Wow! A lot of great information. Will be processing this for quite a while.
Great talk about PHP security that was both informative and entertaining. I was glad to hear some specific examples of how sites are hacked and hear about new security features in PHP 7.
Good talk and very dense. Again, an addition of demos would be really useful
Eye opening with deeper insights on how to better code!
Great presentation with very knowledgeable speaker
This talk was exceptional. It provided me with multiple security touch points & can propose as improvements to our customer base.
Good discussion during presentation. I felt that the level of complexity was just right.
Ilia did a great job explaining a very broad subject of web security. Not only was it in-depth yet easy to understand (a very difficult balance to achieve), but it was honestly entertaining.
I left with a ton of great notes and more prepared to protect my clients.
My only disappointment was that I didn't get to see Ilia hack a site! ;-)
Ilia did a fantastic job illustrating the many possible attack vectors for PHP applications. He emphasized the balance between usability and security as well as the importance of validating / escaping out input and output. I really held on to the fact that no input can be trusted, even when it is coming from a legitimate source - there are simply too many ways to spoof and reflect bad information into a database. The time really flew by and Ilia was very energetic and engaging. In the future I would suggest adding audience participation, perhaps by searching a piece of sample code manually or with one of the suggested tools.