We’re being surveilled! Governments and companies collect data. Hackers want that data.
What can software-as-a-service providers do to protect data at rest? What if you need to work with that data? End-to-end encryption isn’t an option, so where do we turn?
In this talk, Ben discusses and demos ways to securely and anonymously handle and distribute sensitive information between users, without allowing the raw data to give anything away.
Going viral isn’t always a good thing. Stopping viruses is hard. Let’s work out how viruses hide. Now that you’re thinking like a virus writer, you can anticipate which areas of your applications need hardening. This presentation will feature live demos of writing PHP viruses, and infection of willing targets.
We've all heard of cross-site scripting attacks. And SQL injection. What about cross-site request forgery?
These are just some of the OWASP Top Ten, but what do they actually look like? We rely on frameworks to abstract these away, but understanding them can help your perspective on security.
In this talk, Ben gives live demos of these, and more. Arm yourself with the mindset, tools, and resources required to defend yourself from attack!
As the old saying goes, when one door closes, it can only be reopened when you have been provided with a valid JSON Web Token with which to identify yourself.
This talk introduces JWT, secure authentication, and delegated authority, to demonstrate how to secure IoT devices without exposing them to the internet.