90K Reasons Security is a Must - PHPWorld 2014

We have all focussed on best practices and code quality over the past years, but we seem to have forgotten the most important aspect of the web: security. This talk gives a good overview of your first line of defence in your code, how to ensure that new exploits and hacking techniques are covered with tests, and how you build solid web applications that are secured enough to keep script kiddies and wanna-be hackers away. I will also give some tips on what to do when your company becomes a victim of cyber crime.


  1. in2it PROFESSIONAL PHP SERVICES: 90K reasons why security is a must https://www.flickr.com/photos/buschap/3112239016
  2. About a year ago
  3. A year later
  4. Today, 2 months later
  5. https://www.flickr.com/photos/andymag/9349743409
  6. Neverending awareness https://www.flickr.com/photos/yonolatengo/8338597558
  7. Why bother? https://www.flickr.com/photos/emagic/56206868
  8. In the news… https://www.flickr.com/photos/39908901@N06/6923408938
  9. Yes, you’re a target! https://www.flickr.com/photos/jeepersmedia/14546059371
  10. Email addresses are valuable! https://www.flickr.com/photos/horiavarlan/4514164700
  11. One password, many sites! abc123
  12. Advice on tools!!! Password managers!
  13. 2-factor authentication http://www.google.com/landing/2step/
  14. Or just use SMS http://twillio.com
  15. Who’s after my data? https://www.flickr.com/photos/teegardin/6093810333
  16. Script kiddies
  17. Amateur hacker https://www.flickr.com/photos/hackny/6203305706
  18. Professional hacker https://www.flickr.com/photos/equinoxefr/6857174987
  19. Business Competition https://www.flickr.com/photos/haggismac/5090028513
  20. Governments https://www.flickr.com/photos/defenceimages/7985695591
  21. What to do against it? https://www.flickr.com/photos/drachmann/327122302
  22. Cultural differences https://www.flickr.com/photos/robdeman/2390666040
  23. Legal regulations https://www.flickr.com/photos/puisney/1674586821
  24. Architectural considerations https://www.flickr.com/photos/niftyniall/12768922813
  25. Restrict physical access https://www.flickr.com/photos/zapthedingbat/487133720
  26. Secure your network https://www.flickr.com/photos/99279135@N05/14618342277
  27. Extra care for privacy data https://www.flickr.com/photos/hyku/368912557
  28. Use encryption https://www.flickr.com/photos/ideonexus/5175383269
  29. Lock down your application https://www.flickr.com/photos/simon_cocks/4534589059
  30. Create security checkpoints https://www.flickr.com/photos/paulk/2212992458
  31. Track movements https://www.flickr.com/photos/timsamoff/362730755
  32. Code considerations https://www.flickr.com/photos/nyuhuhuu/4443886636
  33. Security is not an afterthought! https://www.flickr.com/photos/webb-zahn/10971215425
  34. Little bobby tables xkcd.com/327
  35. Sanitise data, always

      ```php
      <?php
      // $pdo is assumed to be an already connected PDO instance;
      // TABLE stands in for the real table name.
      $id = $_GET['id'];
      // sanitise tainted data
      $clean_id = filter_var($id, FILTER_SANITIZE_NUMBER_INT);
      $clean_id = filter_var($clean_id, FILTER_VALIDATE_INT);
      if (0 < $clean_id) {
          $stmt = $pdo->prepare(
              'SELECT * FROM TABLE WHERE `id` = ?'
          );
          // bind the validated value as an integer parameter
          $stmt->bindParam(1, $clean_id, PDO::PARAM_INT);
          $stmt->execute();
      }
      ```
  36. (no transcript text)
  37. Use the right tool for the job https://www.flickr.com/photos/florianric/7263382550
  38. (no transcript text)
  39. (no transcript text)
  40. Layered security https://www.flickr.com/photos/feesta/2700575201
  41. You know all this, right! https://www.flickr.com/photos/sarahreido/3120877348
  42. Victim of an attack? https://www.flickr.com/photos/marittoledo/8512244945
  43. Know you’ve been hacked!
  44. Inform everyone ASAP! https://www.flickr.com/photos/bluerobot/5490728061
  45. Get security advice!
  46. Inform the world
  47. Your turn https://www.flickr.com/photos/tmab2003/4277896845
  48. Spread the word https://www.flickr.com/photos/suneko/373310729
  49. Comment on “bad” practices https://www.flickr.com/photos/sebastian_bergmann/3991539605
  50. Learn about the risks
  51. Learn the basics of hacking hack.me
  52. Use hack cheat sheets ha.ckers.org
  53. Continuously unit test!
  54. Other resources…
  55. PHP Security Checker https://github.com/psecio/parse
  56. Essential PHP Security
  57. Security Checklist snipe.ly/risk_matrix
  58. May the force be with you
  59. Questions https://www.flickr.com/photos/colinkinner/2200500024
  60. joind.in/11858 If you like it, thanks. If you don’t, please tell me how to improve
  61. Contact us: Consulting - Training - Audits - Graphics www.in2it.be - info@in2it.be
  62. https://www.flickr.com/photos/psd/2086641
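
Slides 35 and 53 together amount to turning each known attack string into a regression check. The following is an added example, not code from the talk: it assumes PHP 8 with the pdo_sqlite extension, and the `users` table, the function names and the input strings are constructed for illustration. It also shows that the sanitise-then-validate chain from slide 35 rewrites `1 OR 1=1` to `111` instead of rejecting it, whereas validating without sanitising rejects it.

```php
<?php
declare(strict_types=1);

// Slide 35's chain: strip non-numeric characters, then validate the remainder.
function sanitiseThenValidate(string $raw): int|false
{
    $digits = filter_var($raw, FILTER_SANITIZE_NUMBER_INT);
    return filter_var($digits, FILTER_VALIDATE_INT);
}

// Hypothetical stricter variant: no rewriting, only positive integers pass.
function validateOnly(string $raw): int|false
{
    return filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
}

// Parameterised lookup; the id is bound as an integer, never concatenated.
function findUser(PDO $pdo, int $id): array|false
{
    $stmt = $pdo->prepare('SELECT id, name FROM users WHERE id = ?');
    $stmt->bindValue(1, $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetch(PDO::FETCH_ASSOC);
}

function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("regression: $what");
    }
    echo "ok  $what\n";
}

// Constructed fixture: in-memory database with two rows.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (id, name) VALUES (1, 'alice'), (111, 'bob')");

// Constructed hostile inputs, one regression check per known pattern.
foreach (['1 OR 1=1', '1; DROP TABLE users', "1' --", '-5', ''] as $raw) {
    check(validateOnly($raw) === false, 'validate-only rejects ' . var_export($raw, true));
}
check(validateOnly('1') === 1, 'validate-only accepts a plain id');
check(sanitiseThenValidate('1 OR 1=1') === 111, 'sanitise-then-validate rewrites the payload to 111');
check(findUser($pdo, 111)['name'] === 'bob', 'rewritten id silently selects another row');
check(findUser($pdo, 1)['name'] === 'alice', 'bound integer lookup returns the expected row');
check((int) $pdo->query('SELECT COUNT(*) FROM users')->fetchColumn() === 2, 'table is intact');
```

In both variants the prepared statement is what keeps the query structure fixed; the validation step only decides whether a request is served or refused.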