Introducing the OWASP Top 10

Gary Hockin (05.Mar.2016 at 13:00, 50 min)
Talk at Midwest PHP 2016 (English - US)

Rating: 5 of 5


Comments

Rating: 5 of 5

05.Mar.2016 at 13:50 by Coni Gehler (8 comments) via Web2 LIVE

I was already familiar with the OWASP Top 10, but this talk really made it so much clearer, with the understandable explanations and real-world examples. Entertaining, too. Thank you!

Rating: 4 of 5

05.Mar.2016 at 13:50 by Woody Gilk (25 comments) via Web2 LIVE

Excellent topic and really good delivery. We all need to be reminded about basic security concerns when dealing with web apps. I would have enjoyed a few more code samples that highlight the best practices that were mentioned.

Rating: 5 of 5

05.Mar.2016 at 13:51 by Bob Lindner (14 comments) via Web2 LIVE

Great high-energy speaker with fun examples. Highly recommended. This talk peels back some layers of abstractions the frameworks give you (filtering, escaping) and reminds you of everything you should be thinking about!

Rating: 5 of 5

05.Mar.2016 at 13:51 by Tim Lindner (6 comments) via Web2 LIVE

Good refresher on simple things we can do to be more secure! Great speaker and talk.

Rating: 5 of 5

05.Mar.2016 at 13:58 by Riley Major (61 comments) via Web2 LIVE

Well-delivered overview of important security concepts. The visualizations were entertaining and helpful, driving home the real-world effects of the vulnerabilities. They underscore the point that it's not just about throwing up an alert box and giggling.

Could have used a little more explanation about using CSRF tokens.

Also, I was shocked I didn't see reference to the iconic Bobby Tables.

https://xkcd.com/327/

Thanks for putting together this presentation.

Rating: 5 of 5

06.Mar.2016 at 00:49 by Steve Meyers (46 comments) via Web2 LIVE

Good explanations and examples, and presented in an enjoyable way.

Rating: 5 of 5

06.Mar.2016 at 23:26 by Aaron Piotrowski (11 comments) via Web2 LIVE

Great talk highlighting the top security vulnerabilities in web applications and what can be done to avoid them. I like that you highlighted the general mantra to always filter input and escape output. Speaker had a lot of energy and a good sense of humor to add excitement to what can otherwise be a very dry topic.

As a suggestion, include that any point where data leaves from or arrives to the application can be considered input and output. For example, data going into a database query can be considered output and should be escaped. Data from an API response can be considered input and should be filtered.

Rating: 4 of 5

10.Mar.2016 at 17:02 by Jeremiah Sandahl (23 comments) via Web2 LIVE

I wasn't aware of the OWASP top 10 before this presentation. I thought it was a solid, well-articulated presentation.
