Beating the Pentester

Boy Baukema (01.Jul.2017 at 10:45, 45 min)
Talk at Dutch PHP Conference 2017 (English - US)

Rating: 3 of 5

You've done it, completed the project, on time and within the budget!
Now the customer says we need to have this audited by a security firm. Uh oh... what will he find? What impact will the results have on our deadlines?
In this talk we will examine what it takes to build security in with development and beat the pentester.

We'll cover topics like Threat Modelling, Validation, Encoding and Defense in Depth with real-world vulnerabilities and practical examples in an Agile context, and learn how to remediate those vulnerabilities by using best practices.
You'll walk away with useful principles, practices and techniques to improve the security of your applications.


Comments

Rating: 3 of 5

01.Jul.2017 at 13:24 by Herberto Graca (14 comments) via Web2 LIVE

Good talk about an important subject often neglected. The speaker seemed to be in control of the subject.
Would have been nice to see more code examples of what to do and not to do.

Rating: 3 of 5

01.Jul.2017 at 19:56 by Onno Lissenberg (44 comments)


Rating: 3 of 5

02.Jul.2017 at 14:50 by Pim Widdershoven (29 comments)

Expected a bit more of this talk because I think everybody is aware of the basic security measures. It would be more interesting if there were more practical examples of what to do and not to do, tooling, etc.

Rating: 3 of 5

03.Jul.2017 at 11:30 by Ellen Boven (21 comments) via Web2 LIVE

Good overview of topics

Rating: 3 of 5

04.Jul.2017 at 11:19 by Patrick Rombouts (6 comments) via Web2 LIVE

The talk was about basic security practices, while I expected a bit more explanation about how you can act like a pentester and find stuff in your own code. The presentation itself was great.
