&. |

Warning: I wrote this blog in 2015. That is a long time ago, especially on the internet. My opinions may have changed since then. Technological progress may have made this information completely obsolete. Proceed with caution.

A bit of an announcement: I’m going to be speaking at NCDevCon this year! Here’s the abstract for my session:

Web Application Security 101

Do you nod in agreement when your coworkers talk about SQL injection or XSS, afraid to admit you don’t know what they are talking about? Do security experts make you feel like you can’t learn security if you don’t already know security? If so, this session is for you! I will go over the most common security vulnerabilities in modern web applications, explaining how an attacker might attempt to use them, and how you can protect against them. I’ll demonstrate with practical code examples in Javascript, PHP, and ColdFusion.

This is the first time I’ve applied to speak at one of these things so I’m not quite sure how it will go. I lead training sessions like this at work every once in a while, so hopefully the skills will transfer. In fact, finding out that my topic was selected was actually the main thing that got me to actually set up a new website. After all, I’ll need somewhere to point people to when I say the obligatory “you can find my slides on my website” at the end of the session.