Unlearn everything you thought you knew about building Web applications! This highly interactive session will first look at some common Web exploits to determine how and why they occur. Then we’ll explore many of the common pitfalls that allow Web applications to be exploited, with detailed examples and discussions around best practices to prevent them. We’ll delve into many aspects of Web application development that most books and training courses leave out, such as the proper uses of GET and POST; the best ways to authenticate users; when, what, where, and how to validate when it comes to user input; proper database techniques to avoid SQL injections; and system tweaks and third-party libraries that can help you make your applications more secure. This session is designed for anyone who does any kind of server-side scripting or Web application development. Most examples will be based on a PHP and Apache environment, but the concepts discussed apply to Web applications running on any platform. You will leave with a new way of thinking about the applications you build, allowing you to write better code.
Technical Team Lead, Webmaster, and Elder of the Internet at RIT.