Web Application Security

Synopsis

Even the simplest web application has so many vectors of attack, it’s no wonder most people forget at least one. Web applications aren’t stand-alone; they are built upon frameworks, upon platforms, upon core libraries, each of which could suffer from vulnerabilities you’re not only unaware of, you’re statistically unlikely to discover them all. Consider, for example, OpenSSL's infamous “Heartbleed” Bug.

We hear about security vulnerabilities every week, now it’s time to experience them. Find out what the leading concerns are, and the not so common ones too, and experience live demonstrations of how these attacks play out.

This presentation aims to arm you with the mindset, tools and resources to minimise the opportunities for attack, and to reduce the fallout when they succeed. From cross-site scripting and session hijacking to brute force and man-in-the-middle attacks, you’re expected to cover all your bases so the bad guys can’t use a single one.

Testimonials

I thought I had a good grasp of this stuff but the talk was an eye-opener! Ciaran McNulty
Usually we just hear about the various types of attacks but the demos brought these concepts to life! It is one thing to know them, but seeing them being enacted out in front of me blew me away. Thanks! — Zion Ng
Very informative and detailed presentation. Arul Kumaran
Image for

Previously Presented At

Starts: Jun 2018
International PHP Conference
Berlin, Germany
Starts: Sep 2015
PHPConf.Asia
Singapore
Starts: May 2015
YOW! West
Perth, Australia
Starts: Aug 2014
New Zealand PHP Conference
Wellington, New Zealand
Starts: Aug 2014
Melbourne PHP Users Group
Melbourne, Australia

Subscribe to my Newsletter

* indicates a required field

I don't send many updates. I don't like to spam. Let's face it - I've not posted many new articles for a while (although I do plan on changing that). If you subscribe to new articles, I'll send no more than two emails a week. As for workshop and conference information, that'll be as and when I have details. It's not likely to be more than an email a week.

Topics

I don't send many updates. I don't like to spam. Let's face it - I've not posted many new articles for a while (although I do plan on changing that). If you subscribe to new articles, I'll send no more than two emails a week. As for workshop and conference information, that'll be as and when I have details. It's not likely to be more than an email a week.