Each of our sessions are digitally broadcast live and feature 3 separate presenters each focusing on a specific aspect of some WordPress topic. Each presenter will have roughly 30-40 minutes allotted for instruction and 15 minutes allotted for Q&A at the end. This means that, typically, the session will run three hours start-to-finish.
About This Session
On Saturday, May 31, Chris Wiegman, Brad Williams, and Tony Perez are coming to teach us the ins and outs of secure development. We’ll be getting an intro to site vulnerabilities (what is XSS, CSRF, and why they matter), then how to protect against dangerous, insecure data in our own development, and finally how to clean a site that has been hacked and infected.
This session will be broadcast live on May 31, starting at 12pm ET.
12pm ET – Understanding Vulnerabilities (XSS, CSRF, WTF!?) – Chris Wiegman
To kick off the session, Chris will be walking us through the many types of vulnerabilities that are common among websites. More importantly, we’ll explore what an attacker can do with each of these types of vulnerabilities.
1pm ET – Data Validation, Sanitization, Escaping, and Nonces – Brad Williams
After learning about the many different types of vulnerabilities and attack styles, Brad will teach you how to protect against them in your code. By using proper sanitization and escaping of data you’ll be able to stop a would-be attacker from using your code as a point of attack.
2pm ET – Cleaning up a site after an attack – Tony Perez
It’s always disheartening when a security breach happens. It’s even more disheartening when the breach is on a site you’re responsible for maintaining. Tony will talk you down from the ledge and help you clean infected sites the right way. It’s surprising how easy it is to bring a site back to normal when you know what to do.
About the Speakers
Chris is the developer of iThemes Security (formerly Better WP Security) and has been working on WordPress security for over 5 years. Previously a captain for a small airline Chris’ interest in security began on his first day as an employed pilot, 9/11 and gradually evolved over the years to helping individuals and smaller organizations protect their websites from many of the common methods attackers use to compromise their victims. When not coding Chris loves to teach and has taught computer security for St. Edward’s University as well as other courses ranging from computers to aviation.
Brad is the co-founder of WebDevStudios.com, a co-host on the DradCast podcast, and the co-author of Professional WordPress (1E & 2E) and Professional WordPress Plugin Development. Brad is also one of the organizers of the Philadelphia WordPress Meetup Group and WordCamp Philly.
Tony is one of the Co-Founders and Chief Operating Officer at Sucuri Inc – a company specializing in the detection and remediation of malware and protection of websites.
Tony has been working in the technology industry, specializing in web based solutions, for the past 11 years. Tony is a certified Project Management Professional (PMP), holds a Bachelor’s of Science degree in Technology Management and is actively pursuing his Masters in Business Administration, specialization in Technology Management.
Follow Tony on Twitter