GOTO is a vendor independent international software development conference with more that 90 top speaker and 1300 attendees. The conference cover topics such as .Net, Java, Open Source, Agile, Architecture and Design, Web, Cloud, New Languages and Processes

Presentation: "Knock, Knock. Who's There? Understanding Who's Accessing your Web Applications"

Time: Tuesday 16:30 - 17:20 / Location: Walton South

Knock, knock.
Who's there?
User.
User who?
user@website.com:password.
Ok, have fun!

There are lots of ways of dealing with authentication, but the interaction before, during, and after is usually ignored. This is pretty much how web applications work today. We don't ask the right questions of users attempting to access our web applications. How sure are you that the user accessing your site is who they say they are? How sure are you that you want them accessing your site at all?
 
Join Aaron Bedra as he walks you through asking the questions you should be asking of your users, and how to help prevent abuse, fraud, and otherwise unwanted activity on your web applications. You will learn how to ask the right questions without interfering with a great user experience.

Download slides

Aaron Bedra, Application Security Lead, Braintree and Co-Author of Programming Clojure, 2nd Edition

Aaron Bedra

Biography: Aaron Bedra

Aaron Bedra is the application security lead at Braintree. He is the co-author of Programming Clojure, Practical Software Security, and another upcoming Pragmatic Press book.

Software Passion: Language exploration and new ways of exploring how to program

Twitter: @abedra

Websites: aaronbedra.com

Professional Contributions:  Programming Clojure, 2nd Edition Clojure Clojure Contrib Accession (Clojure Redis adapter) Ring Hiccup Ruby on Rails