Recently I was invited down to Penang for DevFest + GDay George Town 2016 to give a talk on Web Application Security. This is my 3rd year in a row attending (for a panel and last year a talk) and this year I managed to record (most of) my talk with my own camera.
The subject I covered was titled “An introduction to Web Application Security”, mainly focused on web application developers (although most principles also apply to mobile and native or embedded apps). The talk covers the basic principles of infosec (CIA), do’s and don’ts and the top 5 from the OWASP Top 10.
I thought about what the highest-value subject was that I have some decent expertise in and that is relevant to the audience (mostly young or junior web and mobile devs). Last year I already covered CI/CD and the tools used, plus some agile.
So this year I decided to go back to my roots and dive into security in a fairly holistic manner (without getting too technical).
The slides are up on Slideshare here:
And the (almost) full video is here:
Apologies for the last 5-10 minutes being cut off as the camera battery ran out 🙁
Hope you enjoyed it.