PHPSW: Security, May 2018
9 May 2018 at BaseKit

An overview of how web developers can protect their applications, their businesses, but most importantly; their sanity. It will include a brief overview of common mistakes made with web applications that could lead the developer, and/or others to a security faux pas. Some best practices to follow, and some real world examples of where I/others have screwed up.

The OWASP Top 10 2017 is a powerful awareness document for web application security and a new version has been recently released. The list, which represents the most common vulnerabilities found in web applications, suits very well testers. But how can developers write more secure applications to prevent these ? What are the security techniques they can use while writing their software to prevent these ? These are hard questions, as evidenced by the increased cyber breaches. In this talk, we will explore together the new OWASP Top10 2017. Staring from real world examples and breaches, we identify the security controls that developers can use in SDLC to help them to prevent the most common vulnerabilities.