141: Web Application Security, Part 2 with Scott Arciszewski episode artwork

EPISODE · Jan 19, 2018 · 59 MIN

141: Web Application Security, Part 2 with Scott Arciszewski

from Three Devs and a Maybe · host Michael Budd, Fraser Hart, Lewis Cains, Edd Mann

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.

Episode metadata supplied by the publisher feed · Published Jan 19, 2018

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This leads us on to look into how to securely handle file uploads, what a reverse shell is and how to defend yourself against XSS/CSRF attacks. From here we touch upon the recent inclusion of libsodium into PHP, why mcrypt should be avoided, and the side-channel vulnerabilities that brought way to Meltdown and Spectre. Finally, we mention how computers generate seemingly random numbers, what a Web Application Firewall (WAF) is, and how WARD goes about protecting your systems.

PodParley-generated summary based on available episode metadata and transcript content.

NOW PLAYING

141: Web Application Security, Part 2 with Scott Arciszewski

0:00 59:29

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

Frequently Asked Questions

How long is this episode of Three Devs and a Maybe?

This episode is 59 minutes long.

When was this Three Devs and a Maybe episode published?

This episode was published on January 19, 2018.

What is this episode about?

In this weeks episode we continue our discussion with Scott Arciszewski about all things Security and Cryptography. We start off the show by highlighting what a SQL injection attack is and the differences between (emulated) prepared statements. This...

Can I download this Three Devs and a Maybe episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!