Beware of the Dark Side, Luke!


Comments are closed.

Arne did an excellent job of showing off many common and easy vectors of attacking a web application. He discussed SQL injection, XSS, as well as things like port scanning with nmap. It would have been good to know that it was a beginner level talk but good information was provided and it seems to open a lot of eyes in the packed out room.

Really useful, showed a bunch us a bunch of different attacks commonly used against sites/servers including a bunch I hadn't thought of. Covered a broad topic very concisely. Could have done with more notes that we could grab a copy of but that's just my personal preference and laziness

Very entertaining, much like his talks last year @ ZendCon. Makes a lot of valid points, I found myself checking my own sites/servers for vulnerabilities as he named them off.

It was great for what it was, but it wasn't what I was hoping for. I've attended a lot of talks and even classes on Security and PHP and every single one boils down to the same basic info. Escape output and sanitize input. I guess I was hoping for more advanced topics out of a half-day tutorial. To be fair to Arne, the second half of the session may have progressed to more advanced topics, but having already sat through a number of similar sessions, I found myself bored and did not sit through the entire tutorial.

Again, this is not Arne's fault at all. He did a great job at presenting the material, and I found myself chuckling many times.