Web Security 101
Michael Peters will be giving a talk at YAPC::NA 2012 described as:
Security is important in any programming environment but programming for the web has some unique possibilities and hazards. Most web programmers have little to no training in security and lots of web development is done by people who don’t wear a full-time developer hat. Add to this the fact that bad security on a web project can have very public, very embarassing, and sometimes legal consequences.
This talk will walk through the basics of web security without focussing too much on the particular tools that you choose. The concepts are universal, although most examples will be in Perl. We’ll also look at various attack vectors (SQL Injection, XSS, CSRF, and more) and see how you can avoid them. Whether you’re an experienced web developer (we all need reminding) or just starting out, this talk can help avoid being the next easy harvest of The Bad Guys.
[From the YAPC::NA Blog.]
Leave a comment