NYCPHP Meetup

NYPHP.org

[nycphp-talk] September Talk

inforequest 1j0lkq002 at sneakemail.com
Sat Aug 13 00:56:40 EDT 2005


Chris Shiflett shiflett-at-php.net |nyphp dev/internal group use| wrote:

>I'll be giving September's talk and wanted to offer a few possibilities 
>to see what people are interested in hearing - if anything. :-) The talk 
>I give doesn't have to be an existing talk but can be a medley of topics 
>of your choosing, so feel free to mix and match or suggest specific 
>areas of interest.
>
>1. PHP Security Briefing
>    Beginner/Lecture
>    60 Minutes
>
>2. PHP Security Audit HOWTO
>    Intermediate/Lecture
>    60 Minutes
>
>The first is a general talk covering many bases, including best 
>practices, common vulnerabilities, and popular attacks. The second is a 
>more specific talk that describes the art of the PHP security audit, 
>including tips that I've picked up over the last few years.
>
>Other topics I can speak on include HTTP, state, and sessions, although 
>these tend to be a bit less exciting. :-)
>
>Chris
>

I caught your "Audit How To" talk in Vancouver and it was very good, 
thanks. I know the NYPHP audience would appreciate that one.

If you also showed how past FOSS PHP alerts (such as those listed by 
Secunia) fit the models, and thus could have been detectred by the audit 
process, that would push it over the top quality-wise.

-=john andrews
www.seo-fun.com having fun in the Pacific Northwest





More information about the talk mailing list