This session will outline security practices and solutions designed to address security issues within an application's business and processing logic, which are often overlooked in favour of basic security flaws such as SQL injection and XSS. The session will focus on how to implement mechanisms for improving data access, avoiding common ACL pitfalls, etc.

Comments

Rated 5

Anonymous at 13:25 on 9 Oct 2013

Best session I've been to... loads of great information!

Rated 5

Anonymous at 13:44 on 9 Oct 2013

Ilia is very knowledgeable. Thanks!

Had lots of good information.

Good informative talk. Nothing really new for me, but it was good to refresh memory on that topic.

Epic talk. Good, clean speaker skills.

Excellent session. Ilya is interesting and knowledgeable. Class was quick-paced, and included the right amount of examples and technical level detail for a 1 hour session.

Will be very useful, especially once I can refer to the slides. Lots of things to add to my application. Talk was very well presented.

Great, informative talk. Everything you could have asked for in a short session for such a huge topic. Ilia also handled the Q&A very well.

Excellent session. Ordered information from start to finish; huge amounts of knowledge dumped in such a short amount of time.

Rated 5

Anonymous at 15:46 on 9 Oct 2013

Excellent presentation and very useful

Excellent discussion on important security considerations in an abstract concept beyond the basics. Security is a huge field so not everything could be covered, but some things like pattern analysis and treating suspicious requests differently is a logical and overlooked step many apps can (and should) take.

This is the second talk I have attended by this speaker and the same thing amazed me this time: how deep a knowledge he shows of the subject matter. And by the way, he was probably the only speaker at ZendCon who projected his voice properly throughout the *whole* talk. A+ presenting skills.

Rated 5

Anonymous at 19:52 on 9 Oct 2013

Impressively well done. I consider myself a security nut and I learned quite a few things today so THANK YOU!

Great presenter! Fast, but perfectly happy to stop and elaborate when necessary. I felt that a lot of material was covered in a short period of time. The Session Security, Data Access Management, and Logging segments were especially useful.

Tight. All the concepts were solid and well presented and correct. Apart from making half the room look like idiots for not knowing you can compile PHP without session support (is Ilia a PHP-GTK coder?) this php-focused talk was waterproof.

Rated 5

Anonymous at 09:37 on 12 Oct 2013

Rated 5

Anonymous at 18:04 on 3 Nov 2013

What a great read. Thank you very much for clear, well-structured and informative slides.