“You will be about to lose, Ender, but you will win. You will learn to defeat the enemy. He will teach you how.” We got hacked.
It happens. We found that our web _site_ protections are helpless in defending a web _service_ attack. HTTPS does not protect
passwords. I show you what security techniques are not good enough _and why_. Our PHP web services architecture is tough and mean
and prickly. The attackers do not like it. I show you what we did. Here are the tools and mind-set you need to send the enemy
looking elsewhere for an easier target.

WHAT CHANGED: Title and description
Title: Right Attitude in Securing your Web Services
Level: Intermediate
Duration: 50 minutes including 10 for questions
Description:
Knowing how to secure your web SITE does not translate into knowing how to
secure your web SERVICE. Your website is friendly to humans. You can fend off
attacks with CAPTCHA and other ways of detecting and rejecting automated

Title: Learning from the Enemy: Designing Your Web Service Security Architecture
Level: Intermediate to Advanced
Duration: 50 minutes including 10 for questions
Description:
Best practices don't matter once the enemy breaks through your security. What
matters is stopping the enemy. We'll let the enemy show us how.
You've heard of Authentication and Authorization. We'll learn why they do NOT
work with web services. We'll see that OAuth 2.0 does not answer our need.

WHAT CHANGED: TITLE AND DESCRIPTION
Title: Using Encryption in PHP
Level: All
Duration: 50 minutes including 10 for questions
Description:
Using encryption sounds simple. It is! The trouble is that encryption is
extremely difficult to get right. In fact it's a great way to grab news
headlines when you get it spectacularly wrong.

Title: The Rhythm of Test-Driven Development
Level: All; unit testing experience helpful
Duration: 50 minutes including 10 for questions
Description:
Test-Driven Development (TDD) would seem to be all about the tests. But if you
focus on writing the tests, you miss most of the value. In my experience, TDD
can take 2-3 times longer in initial development time. The most-often-stated
value comes with the lack of debugging time needed with production deployment.

Title: Unit Test Design with Mockery
Level: For anyone with PHPUnit working knowledge
Duration: 50 minutes including 10 for questions
Description:
When your PHP code must work through other classes, functions, APIs, and
databases, those dependencies become a formidable challenge to writing your
unit tests. You may find yourself spending an hour getting structures
set up for a three-line test. Things can easily get out of hand.

Title: Securing your Web Services (half day)
Level: All
Duration: Half day (3.5 hours)
Description:
Knowing how to secure your web SITE does not translate into knowing how to
secure your web SERVICE. This three-part teaching session provides you skills
needed for securing your own RESTful web services in PHP:
1. What is different about web services, and why site protections such as

EDIT: Changed title/description again, description is 470 of 500 available chars.
Title: Big Iron and Bare Metal: PHP Lessons from Cold War Supercomputing
Type: Regular (1 hour including Q&A)
Description:
The original CRAY-1 Supercomputer was a 5-ton monster with just 8 MB of main
memory, yet programming it can be a fun way to explore subtleties of
PHP coding.

Edit: Revised description per elezar, dfeldman, edunham
Title: Producer-Consumer Programming in CakePHP/RabbitMQ
Type: Regular (1 hour including Q&A)
Description (495 of 500 chars):
When you try to do too much during a page load, your site gets slower and
slower. Producer/Consumer programming allows us to move some of the work
offline, allowing your web server to run that much faster.

Edit: Changed description per edunham
Title: Beginning to Design for Scale with RabbitMQ
Type: Regular (1 hour including Q&A)
Description (479 of 500 chars):
When your app outgrows a single server, you begin to encounter logjams,
queues filling up, and other problems of scale. Code becomes more
complicated.