stream of thought on the #tekx “bad guy for a day” tutorial. writing may resemble note-taking…because it is.
K, trying a bit of live(ish) blogging. This will be interesting since this will be stream of thought on the tutorial as it goes on.
Todays tutorial is given by Arne Blankerts.
We’re starting off with an over view of websecurity and what we’ll be doing today. Looks like I missed questions, good thing I didn’t have any.
We’ll be getting source to look at, makes me wish I wasn’t lazy and had set up an environment.
Starting off with types of security. Transport layer,infrastructure, data warehouse,interface design, user level and application level…those sort of things.
Remember to secure your infrastructure. Anecdote about a setup with default root of database was given. Keep in mind how you train users. Example error alerts training people to accept errors as ok and to click through.