WordPress Security (know your enemy WordCamp Kyoto)

Discussion on common attacks and mitigation for WordPress websites, with a quick discussion on the risks of using PHP's serialize() function.

Published in: Internet

  1. WordPress Security: Know your enemy. Robert Rowley, Head of Security
  2. Introduction
  3. Who Here Has Been Hacked?
  4. Understanding Risk
  5. Targets
  6. There Are No Targets
  7. Game of Numbers
  8. Controlling Resources
  9. Maximizing Profit
  10. Brute Forcing Passwords
  11. Securing Passwords
  12. Exploiting Outdated Software
  13. Updates && Automation
  14. Do Not Forget Your Plugins Or Theme
  15. Consider Becoming A WordPress Purist
  16. Monitoring
  17. No Single Tool Does Every Job
  18. Misconceptions
  19. Some (Scary) Stories...
  20. unserialize()
  21. unserialize()
  22. unserialize()
  23. unserialize()
  24. Summary
  25. Questions?
  26. FIN Email: Robert.Rowley@pagely.com
