Dip Your Toes in the Sea of Security

James Titcumb

Friday 19 February 2016 from 14:40 to 15:40

Talk in English - UK at PHP UK Conference 2016
Track Name: Main Track
View Slides: http://www.slideshare.net/asgrim1/dip-your-toes-in-the-sea-of-security-php-uk-2016
Short URL: https://joind.in/talk/c2bb0 (QR-Code (opens in new window))

Avg. Rating

Dip Your Toes in the Sea of Security

Comments

Comments are closed.

Matt Dawkins at 15:38 on 19 Feb 2016

As someone with little experience but lots of responsibility, I thought this was an excellent talk. Lots of practical pointers, reminders of the obvious, but all the time with examples of why it's an issue. Well presented, clear and engaging. Well done!

Marijus Kilmanas at 15:42 on 19 Feb 2016

Good useful content and tips, good-ish presentation.
However this has overlapped massively with Thomas Shone talk this morning. This is obviously not as much presenters fault as it is those who selected talks/put together the schedule.
In full honesty, I've enjoyed Thomas' talk better for it's smoother presentation and I think it covered someslightly more content.
Good job to James nevertheless

Liam Wiltshire at 18:50 on 19 Feb 2016

Really good talk, well paced and addressed some important issues. Yes there was some overlap with Thomas' talk, but I think it's good that two different speakers are saying similar things, as it really re-enforces what we should (and often are not) doing as developers.

Lee Davis at 20:27 on 19 Feb 2016

Maybe if Capt' Asgrim Sparrow kept his beloved Black Pearl a little more secure he wouldn't have lost it in mutiny to Hector Barbossa. Arrrghhh, me hearties. Where's your parrot James? Eh? Go hard or go home.

Ok that's enough.

Security is a really difficult topic to cover because it's so easy to dive into rabbit holes and start losing people. James did a really good job of keeping it high level, and pointing delegates in the right direction for them to venture on.

It's amazing how much he did actually touch on; from the commonly known injection, reflection attacks to threat modelling and timing attacks. Ton's of stuff to ponder on and finished nicely with a great anecdote of his own amusing blunder (we all do it). There's a huge amount of value in this talk which in my opinion developers should have fully absorbed before being allowed to touch anything that might hit production.

Really well done James (or are you James? You say you are, but...?).

James Dunmore at 00:04 on 22 Feb 2016

Really great talk, lots of good tips and reminders. Engaging talk, but as ? Marijus said in comment above, it really overlapped with the earlier talk (would have given this 5 stars otherwise). Yes, why did I attend if I had already been to the other talk - the other talks on the same time didn't appeal.

David Yell at 09:28 on 22 Feb 2016

A good talk which covers quite a broad range of topics in a way which is interesting.

Tom Cameron at 09:49 on 22 Feb 2016

Well-presented talk, but some of the content seemed very basic - didn't come away with much new knowledge, but did enjoy it.

David Shrive at 14:58 on 22 Feb 2016

Interesting talk that complimented the previous security talk (Security Theatre by Thomas Shone) quite nicely. Although there was some overlap this one went a bit deeper on the methods you should use to solve the security issues.

Alexander Obuhovich at 08:22 on 25 Feb 2016

Good content, but could be more in depth.