Vulnerability Scanning for your Website

Lisa Bock (10.Feb.2018 at 17:15, 1 hr)
Talk at SunshinePHP 2018 (English - US)

Rating: 3 of 5

Web sites are prone to security risks and are a target for common attacks such as Cross-Site Scripting and SQL injection, which can result in exposure of sensitive data and even more aggressive attacks. Vulnerability scanning checks for known vulnerabilities and generates a report that the developer can use to fix web site vulnerabilities. Join Lisa Bock as she reviews some common scanners that even an average user can run. Vulnerability scanning is inexpensive, as most scanners are well under $1500, and many are free and can provide a great deal of information. Participants will learn that scanning a website to check for vulnerabilities is an important exercise, and that regulations such as PCI, GLBA, Sarbanes-Oxley, HIPAA or FISMA often require periodic scanning. Vulnerability scanning is an important first step in reducing overall risk, as most vulnerabilities can be addressed and reduced, if not removed entirely.

Comments

Rating: 1 of 5

10.Feb.2018 at 17:59 by Emil Gallant (10 comments) via Web2 LIVE

The description of the talk did not match the actual presentation. No information was presented that couldn't already be considered "common sense". The single example of SQL code came from the 90's and the only mention of tools/scanners was as an aside while talking about the OWASP website. Online security is a huge concern and developers definitely need education about threats but this was not the place to get that. It felt like this was a recycled presentation that was originally intended for non-computer folks, it was certainly not aimed at seasoned or even casual developers.

Rating: 4 of 5

11.Feb.2018 at 17:08 by Scott Hardie (17 comments) via Web2 LIVE

Good talk, covering the importance of vulnerability scanning and suggesting lots of tools for the job. I would have appreciated more pros-and-cons comparison of the many tools, especially the server-side tools since both large applications that I manage are locked to the public and probably won't work with the web-based tools shown.

Rating: 4 of 5

13.Feb.2018 at 13:50 by Mark Niebergall (120 comments) via Web2 LIVE

Lisa had great enthusiasm and covered a variety of topics related to security. While the talk title wasn't the main focus, I still felt like the content was applicable and important to attendees. Good talk.
