Dip Your Toes in the Sea of Security

Comments

Emanuele Gaspari at 15:22 on 13 May 2016

Awesome talk to scratch the surface of security, and something more...

Security is a very wide and complex topic but this talk is a very comprehensive overview. Especially liked the real-world example and anecdotes.

Alessandro Lai at 15:38 on 13 May 2016

Very nice and basic to little to medium talk, easy to comprehend and very useful

Nice talk! However, I'm not sure who a few parts of the talk were intended for (not for beginners, but not for intermediate either). For example, the CSRF vulnerability. I think it lacked an example of what an attacker can do if you do not have your application secured. Somebody who knows how CSRF works usually knows how to implement CSRF tokens too. If you do not know what CSRF is, those tokens do not tell you much. I know you cannot squeeze everything into one hour. But the things you manage to squeeze into the talk should make sense too.

A good introduction to several attack vectors. Some explanations were not very clear, especially in the second part.

Luca Saba at 19:25 on 14 May 2016

Great talk. Really valuable.

Samuele Lilli at 10:19 on 15 May 2016

It was good, quite a lot of mistakes we have made in the past were covered, but I didn't 100% understand the finalities of this talk: was it just a showcase or something else?

Still very good.

daniele orru at 11:48 on 15 May 2016

I liked this talk! Informative enough for some security tips on PHP7.
I understand that you can't talk comprehensively about security in just 1 hour, so maybe it would be worth focusing more on one objective (like talking exclusively about what changed in PHP7 best practices for handling security issues, or talking a bit more in depth about the most common OWASP vulnerabilities).
Very good anyway!

Sergey Kibish at 08:22 on 17 May 2016

Nice talk about different vectors of security. Maybe it might be good to mention what is now trending (vulnerabilities) and how to protect yourself from them.

I just can't get enough... Security is crucial. Thanks for your advice!