Facebook's Approach to Common Web Vulnerabilities

Ben Mathews (21.Feb.2014 at 15:10, 1 hr )
Talk at PHP UK Conference 2014 (English - US)

Rating: 4 of 5

Facebook's Approach to Common Web Vulnerabilities

Who are you?

Claim talk

Talk claims have been moved to the new Joind.in site.

Please login to the new site to claim your talk

 
Comments closed.

Comments

Rating: 5 of 5

21.Feb.2014 at 16:43 by Ian Barber (91 comments)

Very interesting talk with a lot of practical examples of the types of problems Facebook have encountered in the past. The advice on creating APIs that were safe by default and simpler for developers to use was really useful, and went beyond the normal list of vulnerability types that makes up many security talks.

Rating: 5 of 5

21.Feb.2014 at 19:37 by Stewart Walter (56 comments)

A well presented talk by a confident speaker.

Rating: 3 of 5

21.Feb.2014 at 23:59 by David Yell (122 comments)

Well delivered and a few interesting things however nothing really new or interesting on the security side

Rating: 4 of 5

22.Feb.2014 at 13:15 by Matt Parker (46 comments)

Really interesting talk. It was nice to see the evolution of approaches taken, and some neat, and new to me ideas (e.g. checking encoding of the letter 'e').

I suppose there's not so much that's immediately actionable, as a lot of the tools used are internal to FB.

Rating: 5 of 5

22.Feb.2014 at 20:21 by Anonymous


Rating: 5 of 5

22.Feb.2014 at 21:11 by Gez Page (12 comments)

A fascinating peek "under the hood" at security solutions of the behemoth that is the Facebook source. Ben clearly outlined the reasoning behind various unusual techniques to combat security issues on a large scale platform as he confidently charged through the talk.

Rating: 4 of 5

23.Feb.2014 at 08:32 by Andy Pieters (22 comments)

Yes, very fascinating to see you cope with vulnerabilities. There were some things I never considered before, such as the XML vulnerability.

I would like to have seen more of the same. Surely there must have been other security related things Facebook had to contend with and overcome.

But very good talk man! If you are there again next year I will definitely attend.

Rating: 5 of 5

23.Feb.2014 at 11:49 by Bastian Hofmann (34 comments)


Rating: 5 of 5

23.Feb.2014 at 17:30 by David Quilter (9 comments)


Rating: 3 of 5

24.Feb.2014 at 09:09 by Alex Patterson (6 comments)

Good talk; not new content for me; however interesting to see how Facebook deal with the issue I face everyday.

I think I would have made more sense having this talk in the main track as it was extremely popular (and therefore hot in the room) - this made it an uncomfortable last 15 minuets for me.

Rating: 3 of 5

24.Feb.2014 at 15:33 by Bobby DeVeaux (15 comments)

I was 5 minutes late to attend this so I couldn't fit in the room. People were overcrowding around the corner and I could hardly hear the speaker...

On the plus side, 4 of my work colleagues attended, and said it was amazing. So I guess I shall watch the recording once it's uploaded :)

Rating: 4 of 5

25.Feb.2014 at 13:40 by Rory Donohue (4 comments)

Thoroughly enjoyed this talk. Very clear presentation, confident speaker, pitched perfectly and full of useful nuggets of info.

Rating: 5 of 5

18.Mar.2014 at 07:48 by Marijus Kilmanas (64 comments)

Very interesting talk, presenting many concepts that go against community standards and best practices, but there is a valid reasoning behind each and every one of them which was clearly communicated. Love to see people ding things differently and thus figuring out new methodologies to achieve the goals (e.g. 'e' escaping test)

© Joind.in 2019