October 22, 2018 — Las 3 preguntas recurrentes que me plantean cuando alguien se entera que trabajo en el mundillo de la seguridad web son:
· Cómo sé si me han hackeado mi sitio web,
· qué hacer si ha ocurrido y
· cómo puedo evitarlo.

En esta charla, veremos varios ejemplos que me he encontrado durante estos últimos años con los que podremos guiar a un ojo inexperto, facilitando la detección de anomalías lo antes posible. Una vez constatado que algo raro ocurre, veremos una checklist de contramedidas para cada caso. Y, por último, veremos algunas recomendaciones para que no vuelva a ocurrir.

October 21, 2018

October 21, 2018

September 24, 2018 — Kamil opowie o błędnych praktykach chronienia serwisu WWW. Jak zapewnić sobie złudne poczucie bezpieczeństwa. Obalimy mity związane z bezpieczeństwem i dlaczego zależy ono od nas samych, a nie WordPressa czy serwera.

Presentation Slides »

September 24, 2018 — BarCamp Track

August 22, 2018 — The talk is about WordPress security best practices. How to enhance and implement security practices in WordPress. The session is delivered by Shakir Ali who is a system engineer at 10UP.

Presentation Slides »

August 22, 2018 — WordPress security can be a difficult thing to get right. There are a number of things that go into a secure web site. In this quick talk, I will highlight the things I believe are the most important steps you can take to secure your site. You will learn in just 15 minutes how to ensure that your site is well protected from malicious actors.

Presentation Slides »

August 16, 2018 — As more and more services get digital these days, security has become a major aspect of every application. Especially when it comes to third-party code, it is really difficult to guarantee safety. But in general, XSS and Code Injection are a major problem these days.

Content Security Policy provides another layer of security that helps to detect and protect against different attacks. In this talk, I will introduce this concept and its main features, as well as show good and bad example usages.

Presentation Slides »

August 11, 2018 — I will discuss the tactics the attackers use to exploit code, the most common ways developers introduce insecure code to a site, and what you can do to help avoid these issues. You will learn, from the many security failures I have seen what not to do when adding a new feature to a site’s code.

August 11, 2018 — I will discuss the tactics the attackers use to exploit code, the most common ways developers introduce insecure code to a site, and what you can do to help avoid these issues. You will learn, from the many security failures I have seen what not to do when adding a new feature to a site’s code.