March 3, 2023 — Earlier this year, we looked at the theory behind developing WordPress plugins and themes securely. We covered how to develop a security mindset, and the guiding principles of secure development, and looked at the five examples of these principles, Sanitizing Data, Validating Data, Escaping Data, Nonces, and User Roles and Capabilities.

In this session, we will look at how these principles are applied in real-world examples, by understanding common security vulnerabilities, how they can be exploited by would-be attackers, and what you can do to prevent them.

Presentation Slides »

September 24, 2018 — BarCamp Track

Presentation Slides »

October 27, 2016 — According to Google, 55,000 sites got compromised per week. As we know, WordPress runs majority of the content-driven websites in the world. It then became the number one target for hackers and phishing scammers. In this presentation you will learn the What, How, Why, Where, by following an up to date security checklist with steps to prevent and avoid your WordPress getting hacked.

Presentation Slides »

July 3, 2016 — Security can be complex, intimidating, and even frightening. Don’t let the enormity of it scare you into inaction. Learn what some of the security researchers and security professionals deal with, and then find out some simple steps you can take to secure your sites.

Presentation Slides »

August 5, 2015 — Theme security is an intimidating topic for both new and experienced developers but ignoring the issue will make you a target and leave your site vulnerable to attacks. In this talk you’ll learn theme security best practices, the common types of attacks, and many of the functions that WordPress and PHP provide to keep your site safe.