George Stephanis: Understanding Security Holes

April 20, 2016

Security is hard. Over the last few months there have been a number of high-profile plugin security vulnerabilities, but there is surprisingly little familiarity in the developer community when it comes to properly evaluating and remedying issues when they are discovered.

In this talk, we’ll explain in basic terms how several types of vulnerabilities work (including Cross-Site Scripting (XSS), SQL Injection (SQLI), Cross-Site Request Forgeries (CSRF), and Clickjacking), see what can be done to defend against them, and cover what to do when you have a vulnerability reported to you.

Please Note: This is a development-oriented talk, but will not get too deep into code.

Presentation Slides »

WordCamp Lancaster 2016

George Stephanis

security

English
