To be honest, i really don’t know how to call this up-coming event since i don’t organise any sort of technical meetup except for CTF or drinking.
VXSecurity is run by a group of friends in SG committed to the spread of hacker culture & free/open-source software by continuously writing technical articles. We try to provide a platform for like-minded people in SG who are currently building or breaking things (be it for charity, business or pleasure).
We usually hold workshops and give presentations in local Universities. So this technical meetup is kind of a new experience for us.
We firmly believe that breaking & building is a good way forward for any type of good innovation. As an extension to that, we think that tinkering is good for everyone to try and learn new things. I am also glad that NSHC had let us use their meeting room for this event and the students from NUSGreyHats are helping me setting this up.
Thanks a lot. 😀
|When||Monday 06th July 2015|
|Where||8 Shenton Way, #04-01 AXA Tower, Singapore 06811|
|After Talks||Nothing planned at this point of time|
Securing the Tangled Web: Preventing Script Injection Vulnerabilities through Software Design – Meder Kydyraliev
Beginner (presentation of concepts described in the paper with the same title by Christoph Kern )
If you’ve developed software, you’ve probably been told at least once that security should be built into your application. But what does it mean? It’s clear that modern web application frameworks are too busy trying to make security “easy”, some with the goal of never exposing developers to it at all. In this talk I’ll present an example of building security into your application and why I think it’s not a good idea to hide security critical pieces of your application.
Meder has been working in the area of application security for nearly a decade. He’s poked at, broken, and helped fix a lot of code businesses and parts of the Internet depends on (Struts2, JBoss Seam, Google Web Toolkit, and Ruby on Rails, to name a few). Some of the things that excite him include: karaoke, server-side security, kumys and making software security easier.
Thanks & Regards