Web Security Breaches with Troy Hunt
While at NDC, Carl and Richard chat with Troy Hunt about specific common web security breaches and things you can do about them. The conversation starts out with a continuation of an earlier show, talking about the vulnerabilities around open WiFi connections. From there, Troy talks about the most common breach of them all - SQL Injection. Yes, it's still a problem. Troy also digs into the importance of transport layer security, typically using SSL. There's a reason all the big web sites have switched to HTTPS all of the time. Maybe it's something you should consider also?
Guests:
Troy Hunt
Troy Hunt is a Pluralsight author, Microsoft Regional Director and MVP and a world-renowned internet security specialist. He spends his time travelling the world speaking and running workshops where he teaches developers how to break into their own systems before helping to piece them back together to be secure against today’s online threats. He’s also the creator of “Have I been pwned?”, the free online service for breach monitoring and notifications. Troy regularly blogs at troyhunt.com from his home on the Gold Coast in Australia.
Links:
- United States Computer Emergency Readiness Team http://www.us-cert.gov/ncas/current-activity
- Hak5 http://hak5.org/
- XKCD SQL Injection Comic http://xkcd.com/327/
- Havij http://www.itsecteam.com/products/havij-advanced-sql-injection/