90K Reasons Security is a Must - PHPWorld 2014
11 likes2,246 views
The document emphasizes the critical importance of cybersecurity, outlining various threats such as amateur and professional hackers, government surveillance, and business competitors. It provides guidelines for protecting data, including using encryption, secure networks, and adhering to legal regulations. Additionally, it stresses the need for informed awareness and proactive security measures to safeguard against potential attacks.
![Sanitise data, always
<?php
$id = $_GET['id'];
// sanitise tainted data
$clean_id = filter_var($id, FILTER_SANITIZE_NUMBER_INT);
$clean_id = filter_var($clean_id, FILTER_VALIDATE_INT);
if (0 < $clean_id) {
$stmt = $pdo->prepare(
'SELECT * FROM TABLE WHERE `id` = ?'
);
$stmt->bindParam(1, $clean_id, PDO::PARAM_INT);
$stmt->execute();
}
35](https://image.slidesharecdn.com/90kreasonssecurityisamust-phpworld2014-141113123410-conversion-gate01/85/90K-Reasons-Security-is-a-Must-PHPWorld-2014-35-320.jpg)
90K Reasons Security is a Must - PHPWorld 2014
- 1. in 2 it PROFESSIONAL PHP SERVICES 2 https://www.flickr.com/photos/buschap/3112239016 90K reasons why security is a must
- 2. About a year ago 2
- 3. A year later 3
- 4. Today, 2 months later 4
- 6. Neverending awareness 6 https://www.flickr.com/photos/yonolatengo/8338597558
- 7. Why bother? 7 https://www.flickr.com/photos/emagic/56206868
- 8. 8 In the news… https://www.flickr.com/photos/39908901@N06/6923408938
- 9. Yes, you’re a target! 9 https://www.flickr.com/photos/jeepersmedia/14546059371
- 10. Email addresses are valuable! 10 https://www.flickr.com/photos/horiavarlan/4514164700
- 11. One password, many sites! 11 abc123
- 12. Advice on tools!!! Password managers! 12
- 14. Or just use SMS http://twillio.com 14
- 15. Who’s after my data? 15 https://www.flickr.com/photos/teegardin/6093810333
- 17. Amateur hacker 17 https://www.flickr.com/photos/hackny/6203305706
- 18. Professional hacker 18 https://www.flickr.com/photos/equinoxefr/6857174987
- 19. Business Competition 19 https://www.flickr.com/photos/haggismac/5090028513
- 21. What to do against it? 21 https://www.flickr.com/photos/drachmann/327122302
- 22. Cultural differences 22 https://www.flickr.com/photos/robdeman/2390666040
- 23. Legal regulations 23 https://www.flickr.com/photos/puisney/1674586821
- 24. Architectural considerations 24 https://www.flickr.com/photos/niftyniall/12768922813
- 25. Restrict physical access 25 https://www.flickr.com/photos/zapthedingbat/487133720
- 26. Secure your network 26 https://www.flickr.com/photos/99279135@N05/14618342277
- 27. Extra care for privacy data 27 https://www.flickr.com/photos/hyku/368912557
- 28. Use encryption 28 https://www.flickr.com/photos/ideonexus/5175383269
- 29. Lock down your application 29 https://www.flickr.com/photos/simon_cocks/4534589059
- 30. Create security checkpoints 30 https://www.flickr.com/photos/paulk/2212992458
- 31. Track movements 31 https://www.flickr.com/photos/timsamoff/362730755
- 32. Code considerations 32 https://www.flickr.com/photos/nyuhuhuu/4443886636
- 33. Security is not an afterthought! 33 https://www.flickr.com/photos/webb-zahn/10971215425
- 34. Little bobby tables xkcd.com/327 34
- 35. Sanitise data, always <?php $id = $_GET['id']; // sanitise tainted data $clean_id = filter_var($id, FILTER_SANITIZE_NUMBER_INT); $clean_id = filter_var($clean_id, FILTER_VALIDATE_INT); if (0 < $clean_id) { $stmt = $pdo->prepare( 'SELECT * FROM TABLE WHERE `id` = ?' ); $stmt->bindParam(1, $clean_id, PDO::PARAM_INT); $stmt->execute(); } 35
- 36. 36
- 37. Use the right tool for the job 37 https://www.flickr.com/photos/florianric/7263382550
- 38. 38
- 39. 39
- 40. Layered security 40 https://www.flickr.com/photos/feesta/2700575201
- 41. You know all this, right! 41 https://www.flickr.com/photos/sarahreido/3120877348
- 42. Victim of an attack? 42 https://www.flickr.com/photos/marittoledo/8512244945
- 43. Know you’ve been hacked! 43
- 44. Inform everyone ASAP! 44 https://www.flickr.com/photos/bluerobot/5490728061
- 45. Get security advise! 45
- 46. Inform the world 46
- 47. Your turn 47 https://www.flickr.com/photos/tmab2003/4277896845
- 48. Spread the word 48 https://www.flickr.com/photos/suneko/373310729
- 49. Comment on “bad” practices 49 https://www.flickr.com/photos/sebastian_bergmann/3991539605
- 50. Learn about the risks 50
- 51. Learn the basics of hacking hack.me 51
- 52. Use hack cheat sheets ha.ckers.org 52
- 53. Continuously unit test! 53
- 55. PHP Security Checker https://github.com/psecio/parse 55
- 56. Essential PHP Security 56
- 58. May the force be with you 58
- 60. joind.in/11858 If you like it, thanks. If you don’t, please tell me how to improve 60
- 61. Contact us Consulting - Training - Audits - Graphics www.in2it.be - info@in2it.be 61