Nebraska.Code() Sessions tagged security

Website Security for Web Developers: What You Need To Know

We live in a world full of news articles about hacking attempts, successful hacks, and malware spreading like wildfire. It is important to have an understanding of how, as web developers, we can work to ensure our systems are secure. Often times security, and related, concepts are discussed, but never fully implemented. This session will take a deep dive into considerations, tools, and techniques to ensure that your developed applications are secure, and that you have tools necessary to validate the security.

We will review various web security techniques including the proper usage of SSL Certificates, additional HTTP Headers for Browser security support, automation methods of validating integrity of your application, the OWASP Top 10 Issues list, and the role of security assertions from third-party vendors. After this sessions, developers will have a toolbox of items to review, and reference materials to further educate themselves on common security pitfalls that impact developers.

Speaker

Mitchel Sellers

Mitchel Sellers

CEO, IowaComputerGurus, Inc.

Application Security or Hacking yourself everyone else is...

Software security isn't a tool or a library, everyone knows that you should check your parameters, and watch out for SQL injection, but is that really enough? If you have never had the opportunity to spend time hacking your own applications, you are really doing yourself a disservice. More than ever, the web is becoming an increasingly hostile environment, and because of it developers really need to step up their game. In this session we will go over some of the methodologies that we use internally to test applications, helping developers to think more strategically about designing applications for general security. As part of this conversation I will go over active attacks that we have seen against production sites using steralized examples.

Speaker

James McKee

James McKee

Solutions Developer / Enterprise Architect / Security Analyst, 10-4 / Trimble

Privacy By Design: Software Development in the age of GDPR

This conversation is an indepth dive into the Important parts of GDPR for software developers. Even though GDPR is a European standard, there's no denying that this is the direction that the software industry is going, more emphasis will be placed on protecting the data that customers and businesses rely on. In this conversation we will discuss the GDPR, the impacts of this law, and what can be done from the software development side to make sure we develop software that follow defense in depth practices.

Speaker

James McKee

James McKee

Solutions Developer / Enterprise Architect / Security Analyst, 10-4 / Trimble