Friday, June 24, 2011

In Response To: Building Secured Web Applications Using PHP - The Basics

Today an article popped into my feed reader that raised my eyebrows.  The article's title is "Building Secured Web Applications Using PHP - The Basics".  The summary of the item looked interesting, so I decided to open it up...

What I found blew me away.  It was filled with loads of bad information, including some downright wrong suggestions.  Let me go through point by point and shed some light on the subject...

Tuesday, June 21, 2011

A Talk On XSS - NYPHP in collaboration with OWASP

Well, my next talk is scheduled!  It will be June 30th, 2011 at NYPHP.  It's the first of a series of talks in collaboration with OWASP, going over each of the top 10 vulnerabilities.  This talk will be on Cross Site Scripting (XSS).

I'm going to go over what XSS is, and why it matters.  We will go into detail on the different facets and types of XSS that exist today.  Then, we will examine a real-world application that has known vulnerabilities (both looking for vulnerabilities and exploiting them).  Finally, we will talk about how to prevent XSS with PHP using a variety of techniques.

I am going to try to have the presentation recorded and either streamed live or posted as a YouTube video later.

If you are in the New York area, come on in!  But reserve your seat early; space is limited.

RSVP Required:
June 30th, 2011 at 6:30PM (sharp)
Suspenders Restaurant, 111 Broadway, New York, NY
Online (all attendees MUST RSVP)
Networking/drinks location to be announced at the meeting.

Sunday, June 19, 2011

Slides From Recent Presentations on SQL Injection

Hello all.  It's been a little while since my last post, but I haven't disappeared.  In fact, I've been quite busy...