Web Security Fundamentals


Comments are closed.

Very clear session delivered by Eli with useful real world examples.

Ben Shoemaker at 21:12 on 16 Sep 2016

I was very familiar with this topic, but I still gleaned a few insights.
Eli has great knowledge of this topic.

Would recommend updating this talk further, perhaps adding some hands on "fixing" to the workshop so that attendees can apply/test their own awareness of the "top ten". Perhaps a snippet test in the beginning... and a more full "self-test" with answer key for later.


Hey Ben, thanks so much for the feedback. I have a full-day version of this talk that HAS the 'hands on fixing' aspects of it. But to fit this into only 3 hours of instructional time for a workshop, the hands on stuff had to be cut, as well as a fair bit of stuff on INI configuration, much more detail on filtering (how to in code), and some other topics as well.

When the owasp updates their top 10 at the end of this year or in 2017 ... I may refactor this talk to be a much more focused 'top 10' workshop, remove some of the 'basic basic basics' that I have in there, and therefore leave time for some more hands-on level stuff. Thanks again!