EPISODE · Jan 19, 2018 · 59 MIN
141: Web Application Security, Part 2 with Scott Arciszewski
from Three Devs and a Maybe · host Michael Budd, Fraser Hart, Lewis Cains, Edd Mann
In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.
What this episode covers
In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.
NOW PLAYING
141: Web Application Security, Part 2 with Scott Arciszewski
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Mar 19, 2026 ·34m
Feb 18, 2026 ·11m
Feb 11, 2026 ·45m