Christian Wenz

Christian Wenz

Christian Wenz is an author, consultant and trainer focussing on web technologies and web application security. He wrote or co-wrote over 100 books, is a fixture at international developer conferences since 2001, and is the lead author of the Zend PHP certification. His day job at Arrabiata Solutions includes conducting security audits, migrating old code bases, implementing complex web applications and helping companies choose the right mix of web technologies.

Sessions Montréal 2019

10X More Secure with Content Security Policy

Session en anglais - Intermédiaire

The concept of Cross-site Scripting (XSS) is over 20 years old, but the attack does not seem to go away. There is finally light at the end of the tunnel: Content Security Policy is a W3C standard that can effectively limit which JavaScript code a browser is allowed to run. In this session we will have a look at different features and versions of CSP, provide best practices for using this technology, and also analyze implementation strategies.

Web Application Security Up-to-date: OWASP Top Ten

Session en anglais - Débutant

The Open Web Application Security Project (OWASP) curates a list of the top ten security risks for web applications and how to mitigate them. The ever changing world of web development created a challenge for the 2017 list, which needs to combine both existing approaches and modern trends in web development. We will have a look at each item in the list, see what can go wrong (with code!), and make sure that this won't happen in our web sites.

Sessions Vancouver 2016

Sessions Montréal 2015

Sessions Montréal 2013

Sessions Montréal 2012

Sessions Montréal 2011

Sessions Montréal 2010