Archive for Web-security tag
Web Application Security for Developers presentation
Last nights Guernsey Software Developers Forum meeting was sparsely attended with a number of the regulars attendees absent. There were however two new faces including Kezzer who I’d been chatting to on-line for years.
Hopefully the low numbers were down to the seasonal summer holidays and the subsequent knock-on effect that we couldn’t get email out to the BCS Guernsey division to gather sufficient awareness.
I did a short presentation on Web Application Security for Developers that covered HTML injection, SQL injection and cross-site scripting including some live demonstrations on sample code. Slides and sample are available although without audio or screen cast of the demonstrations until I work out how to do that with Keynote.
Download Web Application Security for Developers (Flash) (1 MB)
Download Web Application Security for Developers (PDF) (120 KB)
Download Sample of vulnerable and secure code (ASP.NET) (196 KB)
I’ve come to the conclusion that putting presentations together takes me around 1 hour of preparation to 1 minute of presentation…
[)amien
Web Application Security presentation in Guernsey
This presentation is now available on-line.
I will be giving a talk about web application security tonight at the Guernsey Software Developers Forum.
Web application security is a very large subject I will only be covering SQL injection, HTML injection/cross-site scripting and input manipulation. If there is enough interest I’ll consider covering other subjects such as session hijacking, defensive programming, hashing etc. in a future talk.
As always the doors are open to everyone opening at 6pm tonight (Wednesday 15 August 2007) at the Guernsey Training Agency above the Post Office in Smith Street.
The talk will last around 30 minutes but the meetings tend to go on to around 7:30pm for those that want to discuss it or other developer topics.
[)amien