For our April meeting we'll be going to Zoetermeer. H.C. de Raad provided us with a very nice venue to have the meeting at, the 4MKB business center.


19:00 - 19:30: Welcome and drinks
19:30 - 20:30: Webapplication (Drupal) security audits - Hans de Raad
20:30 - 20:45: Break
20:45 - 21:45: Don't use a screw when you need a nail - Stefan Koopmanschap
21:45 - 21:50: Raffle, Announcements, Feedback
21:50 - ??:??: Networking and drinks

Webapplication (Drupal) security audits (by Hans de Raad)

Web applications (like Drupal) offer a nice range of intrusion points for persons with malicious intents. This talk offers some insights in the various layers the applicationplatform consists of and how to harden them.When developing and deploying web applications, the final result is a collection of software all carefully combined to offer a coherent platform.This platform however consists of several loosely coupled items which can, on various levels, offer possibilities of manipulating the deployment.
This session offers an analysis of these items and offers some insight in the possible attack vectors these might offer.
Focus is not on actually hacking the components but on hardening them, by putting prevention measures (like mod_security) in place.
This presentation is derived from a standard auditprocedure which the author follows on a regular basis.

About Hans

Hans de Raad is een onafhankelijke ICT specialist die zich met name bezighoud op het snijvlak van mens-machine-interactieprocessen.Onafhankelijke (ICT) specialist, altijd op zoek naar interessante initiatieven op informatie, communicatie en technisch vlak.
Ervaring met projectmanagement van overheid via MKB tot internetstartups.

Voornaamste motto: ICT moet helpen om een proces te faciliteren, niet dwingen om te herstructureren.

Don't use a screw when you need a nail (by Stefan Koopmanschap)

A lot of PHP developers try to build every aspect of their application in PHP. A logical choice when you develop PHP, but there are situations where another tool might be better suited. This talk will go over some of the advantages of using external tools, then introduce you to several projects written in other languages that might be useful for your next project, and show that you should not be afraid of these tools because you can use them without knowing the language they were written in.


4MKB Center
Bredewater 16
2715 CA Zoetermeer
The Netherlands

Please register through our page. Registration is free, but required to ensure good catering and proper seating.