GOTO is a vendor independent international software development conference with more that 90 top speaker and 1300 attendees. The conference cover topics such as .Net, Java, Open Source, Agile, Architecture and Design, Web, Cloud, New Languages and Processes
Aaron Bedra, TweetApplication Security Lead, Braintree and Co-Author of Programming Clojure, 2nd Edition
Biography: Aaron Bedra
Aaron Bedra is the application security lead at Braintree. He is the co-author of Programming Clojure, Practical Software Security, and another upcoming Pragmatic Press book.
Software Passion: Language exploration and new ways of exploring how to program
Twitter: @abedra
Websites: aaronbedra.com
Professional Contributions: Programming Clojure, 2nd Edition Clojure Clojure Contrib Accession (Clojure Redis adapter) Ring Hiccup Ruby on Rails
Presentation: TweetKnock, Knock. Who's There? Understanding Who's Accessing your Web Applications
Time:
Tuesday 16:30 - 17:20
/
Location:
Walton South
Knock, knock.
Who's there?
User.
User who?
user@website.com:password.
Ok, have fun!
There are lots of ways of dealing with authentication, but the interaction before, during, and after is usually ignored. This is pretty much how web applications work today. We don't ask the right questions of users attempting to access our web applications. How sure are you that the user accessing your site is who they say they are? How sure are you that you want them accessing your site at all?
Who's there?
User.
User who?
user@website.com:password.
Ok, have fun!
There are lots of ways of dealing with authentication, but the interaction before, during, and after is usually ignored. This is pretty much how web applications work today. We don't ask the right questions of users attempting to access our web applications. How sure are you that the user accessing your site is who they say they are? How sure are you that you want them accessing your site at all?
Join Aaron Bedra as he walks you through asking the questions you should be asking of your users, and how to help prevent abuse, fraud, and otherwise unwanted activity on your web applications. You will learn how to ask the right questions without interfering with a great user experience.