Security Theatre

Thomas Shone (29.Jan.2016 at 14:40, 1 hr)
Talk at PHPBenelux Conference 2016 (English - US)

Rating: 4 of 5

Comments

Rating: 4 of 5

29.Jan.2016 at 16:11 by Jos Elstgeest (31 comments) via Web2 LIVE

Nice talk on the whole view of security layers and how we need to pay attention to all of them.

One note: there's an error in your password update slide. It should be $newPassword = password_hash($password, PASSWORD_DEFAULT); instead of password_verify($password, PASSWORD_DEFAULT) in the password_needs_rehash block.
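
The rehash-on-login flow that the comment above refers to, as an added example that is not taken from the talk's slides or from the commenter. The function name verifyAndUpgrade, the $saveHash callback, the in-memory $db array and the sample password are assumptions made up for the illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not from the slides): checks a login attempt and
// upgrades the stored hash when its algorithm or cost is out of date.
// $saveHash is an assumed callback that persists the new hash for the user.
function verifyAndUpgrade(string $password, string $storedHash, callable $saveHash, array $options = []): bool
{
    // password_verify() compares the plaintext with the stored hash and returns a bool.
    if (!password_verify($password, $storedHash)) {
        return false;
    }

    // password_needs_rehash() only inspects the algorithm and options encoded in the hash.
    if (password_needs_rehash($storedHash, PASSWORD_DEFAULT, $options)) {
        // The replacement must come from password_hash(); calling password_verify()
        // at this point would produce a boolean, not a hash that can be stored.
        $saveHash(password_hash($password, PASSWORD_DEFAULT, $options));
    }

    return true;
}

// Constructed demo data: one user whose hash was created at a low bcrypt cost.
$db = ['alice' => password_hash('correct horse', PASSWORD_BCRYPT, ['cost' => 4])];
$save = function (string $hash) use (&$db): void {
    $db['alice'] = $hash;
};
$old = $db['alice'];

// A wrong password is rejected and the stored hash is left alone.
var_dump(verifyAndUpgrade('wrong guess', $db['alice'], $save, ['cost' => 12]));
var_dump($db['alice'] === $old);

// The right password is accepted and the stored hash is replaced with a cost-12 one.
var_dump(verifyAndUpgrade('correct horse', $db['alice'], $save, ['cost' => 12]));
var_dump($db['alice'] !== $old && password_verify('correct horse', $db['alice']));
```

The upgrade can only happen at login, because that is the one moment the application holds the plaintext password.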

Rating: 5 of 5

29.Jan.2016 at 17:05 by Bart Reunes (46 comments) via Web2 LIVE

Very comprehensive talk, with some scary insights. Great, confident speaker, great tips.

Rating: 4 of 5

30.Jan.2016 at 11:29 by Pim Widdershoven (29 comments)

Wake up call that security is more than only the little piece of software you are writing. Nice talk!

Rating: 5 of 5

31.Jan.2016 at 11:38 by Rob ter Haar (17 comments) via Web2 LIVE

Nice talk with some new insights. And nice examples of how it can go wrong even when you have the security ok.

Rating: 4 of 5

31.Jan.2016 at 16:33 by Antwan van der Mooren (15 comments) via Web2 LIVE

Nice overview, very shocking results for open source packages that are not getting their regular updates...

Rating: 4 of 5

31.Jan.2016 at 18:02 by Bert Van de Casteele (56 comments) via Web2 LIVE

Did not attend the talk itself, but judging from the slides alone the whole webdev world needs a big wakeup call :)

Rating: 4 of 5

31.Jan.2016 at 20:15 by Tom Cannaerts (36 comments) via Web2 LIVE

Always nice to see results from actual real-world investigation.

Rating: 3 of 5

01.Feb.2016 at 12:07 by Peter Slagter (17 comments) via Web2 LIVE

Great job at presenting an overview of security layers, and explicitly pointing out that secure PHP code is only a tiny part of a stack that could be (in)secure as a whole.

I had some difficulty following the presentation because of 1) unreadability of slides and 2) the way you used slides.

As for point 1: the quality of the beamer and the size of the screen didn't really help. But slides with graphs would have been hard to read and interpret anyway.
Point 2: this is very personal. If I see a slide with large amounts of text, I start reading and focus on the slide, instead of the story. There were many slides that exactly showed what you told. I prefer slides that support your story (e.g. what you say), instead of the other way around.

Rating: 5 of 5

01.Feb.2016 at 12:29 by Jeroen Boersma (54 comments) via Web2 LIVE

I found it a nice tech talk to start off with. Developers do get lazy (including myself, but hey, that's my job, ahum) over time and that's where security risks derive from. Also, we are not perfect.

It is nice to see that there is a lot one can find out without even knowing the source entirely; I've researched some myself by just Googling in the past. Now Thomas shows some stats and gives us insights into how we all can make software a little safer.

Rating: 5 of 5

05.Feb.2016 at 10:13 by Mike Simonson (64 comments) via Web2 LIVE

Really scary graphics.

Rating: 4 of 5

05.Feb.2016 at 10:22 by Scato Eggen (25 comments) via Web2 LIVE

Entertaining talk with a fair number of good points (like including users in building security into an app).