‘security’ Videos

  • Christoph Rumpel: Content Security Policy 101

    Christoph Rumpel: Content Security Policy 101

    WordCamp Vienna 2018Speaker: Christoph Rumpel

    August 16, 2018 — As more and more services get digital these days, security has become a major aspect of every application. Especially when it comes to third-party code, it is really difficult to guarantee safety. But in general, XSS and Code Injection are a major problem these days.

    Content Security Policy provides another layer of security that helps to detect and protect against different attacks. In this talk, I will introduce this concept and its main features, as well as show good and bad example usages.

    Presentation Slides »

  • Robert Rowley: Making Security Simple for-Plugin Developers - Part 2

    Robert Rowley: Making Security Simple for-Plugin Developers – Part 2

    WordCamp Europe 2018Speaker: Robert Rowley

    August 11, 2018 — I will discuss the tactics the attackers use to exploit code, the most common ways developers introduce insecure code to a site, and what you can do to help avoid these issues. You will learn, from the many security failures I have seen what not to do when adding a new feature to a site’s code.

  • Robert Rowley: Making Security Simple for-Plugin Developers - Part 1

    Robert Rowley: Making Security Simple for-Plugin Developers – Part 1

    WordCamp Europe 2018Speaker: Robert Rowley

    August 11, 2018 — I will discuss the tactics the attackers use to exploit code, the most common ways developers introduce insecure code to a site, and what you can do to help avoid these issues. You will learn, from the many security failures I have seen what not to do when adding a new feature to a site’s code.

  • shogomuranushi: VPSやレンサバのままでAWSを用いてセキュリティやパフォーマンスを強化する

    shogomuranushi: VPSやレンサバのままでAWSを用いてセキュリティやパフォーマンスを強化する

    WordCamp Osaka 2018Speaker: shogomuranushi

    August 8, 2018 — AWSってサービスが多くてよく分からない。個人でEC2立てたけどどうしたらいいか分からない。という方、業務でAWSの第一歩を踏み出してみませんか?

    いきなりEC2上でWordPressを作るとかだと二の足踏むかと思うので、VPSやレンサバのままで、非常に費用対効果の高い第一歩を踏み出せる話をします。

    主に、AWSのWAFを用いたセキュリティ強化やCloudFrontを用いたパフォーマンス強化、S3を用いたソーリーページの構築などのお話をします。

    Presentation Slides »

  • Co WP neimplementuje zrovna nejlépe od Michal Špaček

    Co WP neimplementuje zrovna nejlépe od Michal Špaček

    WordCamp Prague 2017Speaker: Michal Špaček

    July 28, 2018 — Přednáška od Michala Špačka na téma Co WP neimplementuje zrovna nejlépe.
    Pomůže jim to pochopit některá zákoutí bezpečnosti na webu a snad
    i pochopit, proč by se mělo řešit to, co se zas tolik neřeší. Jsem tajemný, co?

  • Miriam Schwab: Content security policies: a whole new way of securing your website that no one knows

    Miriam Schwab: Content security policies: a whole new way of securing your website that no one knows

    WordCamp Europe 2018Speaker: Miriam Schwab

    July 5, 2018 — Content security policies (CSPs) are a relatively new security element on the web horizon. CSPs use browsers to detect and mitigate certain types of attacks like cross-site scripting (XSS), clickjacking and other code injection attacks resulting from execution of malicious content in the trusted web page context. CSPs can be used for simple purposes like enforcing https on SSL-enabled sites, to more sophisticated uses like authorizing only truly trusted sources and blocking others.

    Most sites do not have CSPs installed, but it’s important to be aware of them and how they can be used to add an additional layer of security to your website.

    Presentation Slides »

  • Jim Grant: Getting Started With WordPress Security

    Jim Grant: Getting Started With WordPress Security

    WordCamp Kansas City 2018Speaker: Jim Grant

    June 11, 2018 — Jim Grant of Simply Creative Media will cover the ins and outs of the importance of WordPress website security, using a SSL (secure sockets layer) certificate and encryption on your website, best practices and WordPress plugins to help you secure your WordPress website.

    Presentation Slides »

  • Jamie Schmid: Making Security Make Sense to Users and Clients

    Jamie Schmid: Making Security Make Sense to Users and Clients

    WordCamp Raleigh 2018Speaker: Jamie Schmid

    June 10, 2018 — As someone who builds WordPress websites for clients, you’ve probably learned that offering (or requiring) monthly maintenance contracts is smart business. It’s likely you’re including core software, plugin and theme updates as part of your maintenance plan, which ensures a steady income stream you can rely on and helps with your financial forecasting. But are you including website security as part of your project proposal and scope?

    The security of your clients’ websites is often not a priority or is left till the end of a project as an optional add-on for the client to consider after going live. The value of a strong website security posture can be difficult to explain to clients, but when put in the context of their business and possible loss of revenue, it can become an integral part of your offering that separates you from the rest.

    In this session, Jamie will cover simple website security best practices that you can implement immediately for your own site and those of your clients. In addition, she’ll also offer advice and examples on how to best present the importance of website security during the proposal, scope, and maintenance package stages to your clients. Not only does this ensure your maintenance plans offer what every website needs, but also presents an additional revenue stream opportunity for your business.

  • Arun Bansal: WordPress Security Master Plan

    Arun Bansal: WordPress Security Master Plan

    WordCamp Delhi 2017Speaker: Arun Bansal

    June 4, 2018 — This talk will help you understand a “Big Picture” of why and how WordPress websites get hacked and how to secure them. You will come to know about various attack vectors used by hackers and understand fundamentals on how you can easily defend against them.

    You will also get to know about ongoing maintenance required and how you can recover from an Attack.

    Takeaways:
    Initial Security Setup Checklist
    Maintenance Checklist
    How to Recover from Hack
    Tools & Plugin To Help Secure Your Website

  • Adam Warner: Making Security Make Sense to Users/Clients

    Adam Warner: Making Security Make Sense to Users/Clients

    WordCamp Hamilton 2018Speaker: Adam Warner

    June 4, 2018 — As someone who builds WordPress websites for clients, you’ve probably learned that offering (or requiring) monthly maintenance contracts is smart business. It’s likely you’re including core software, plugin and theme updates as part of your maintenance plan, which ensures a steady income stream you can rely on and helps with your financial forecasting. But are you including website security as part of your project proposal and scope?
    The security of your clients’ websites is often not a priority or is left until the end of a project (or sale?) as an optional add-on for the client to consider after going live. The value of a strong website security posture can be difficult to explain to clients, but when put in the context of their business and possible loss of revenue, it can become an integral part of your offering that separates you from the rest.
    In this session, Adam will cover simple website security best practices that you can implement immediately for your own site and those of your clients. In addition, he’ll also offer advice and examples on how to best present the importance of website security during the proposal, scope, and maintenance package stages to your clients. Not only does this ensure your maintenance plans offer what every website needs, but also presents an additional revenue stream opportunity for your business.