SlideShare una empresa de Scribd logo

Magento Security Best Practises - MM17PL

Anna Völkl
Anna Völkl

Software development can sometimes be a mess: live database dumps needed for testing lying around, development files being forgotten or accidentally transferred to the live environment, untested code being written and deployed in a hurry. It’s easy to mess up and fail, often without noticing for a long time. In this talk we’ll have a look at how to bullet-proof your development workflow. It covers best practices and tools which you should use in your daily work that will improve the overall security and also speed up software development. Presentation given on 18th September 2017 at Meet Magento Poland #mm17pl

Software
1 de 50
Descargar para leer sin conexión
#mm17pl, Anna Völkl
Magento Security Best Practices Best practises and tools to improve the overall security of your Magento shops Anna Völkl / @rescueAnn #mm17pl, Anna Völkl
Anna Völkl ! Lead Magento Developer ! E-CONOMIX ! Wels & Linz / Austria @rescueAnn #mm17pl, Anna Völkl
http://bouk.co/blog/hacking-developers/ http://extractdata.club #mm17pl, Anna Völkl
Who is responsible for security? "I didn't know it had to be secure..." #mm17pl, Anna Völkl
Source: Zend - The State of PHP in 2017 #mm17pl, Anna Völkl
Magento Security Best Practises ! https://magento.com/security ! Sign up for Magento security alerts • Be prepared #mm17pl, Anna Völkl
Magento Security Best Practises ! https://magento.com/security ! Sign up for Magento security alerts • Be prepared • Patch early & • Use magereport.com & Magento Security Scan #mm17pl, Anna Völkl
Magento Security Best Practises ! https://magento.com/security ! Sign up for Magento security alerts • Be prepared • Patch early • Use magereport.com & Magento Security Scan • Monitor for Signs of Attack #mm17pl, Anna Völkl
Magento Security Scan • very detailed report about security of a Magento shop • currently by invite only, partners • ,,Magento’s official security monitoring service'' (John Steer, Head of Product Security at Magento) • more official news soon :) Infos: ! securityinfo@magento.com #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login ! #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login • EW_NativePasswords #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login • EW_NativePasswords • MageHackDay_TwoFactorAuth #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login • EW_NativePasswords • MageHackDay_TwoFactorAuth • BranchLabs_AdminPasswordStrength #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login • EW_NativePasswords • MageHackDay_TwoFactorAuth • BranchLabs_AdminPasswordStrength • Shopliebe_PasswordStrength #mm17pl, Anna Völkl
Recommended Extensions I Passwords & Login • EW_NativePasswords • MageHackDay_TwoFactorAuth • BranchLabs_AdminPasswordStrength • Shopliebe_PasswordStrength • Ikonoshirt_Pbkdf2 #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring ! #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring • Ikonoshirt_StrictTransportSecurity #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring • Ikonoshirt_StrictTransportSecurity • ET_IpSecurity #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring • Ikonoshirt_StrictTransportSecurity • ET_IpSecurity • FireGento_AdminMonitoring #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring • Ikonoshirt_StrictTransportSecurity • ET_IpSecurity • FireGento_AdminMonitoring • Nexcessnet_Alarmbell #mm17pl, Anna Völkl
Recommended Extensions II Configuration & Monitoring • Ikonoshirt_StrictTransportSecurity • ET_IpSecurity • FireGento_AdminMonitoring • Nexcessnet_Alarmbell • Mhauri_Slack / Moogento_SlackCommerce #mm17pl, Anna Völkl
Recommended Extensions for M2 ! #mm17pl, Anna Völkl
Recommended Extensions for M2 • creaminternet/module-secure-passwords #mm17pl, Anna Völkl
Recommended Extensions for M2 • creaminternet/module-secure-passwords • Git Status Security Report #mm17pl, Anna Völkl
Recommended Extensions for M2 • creaminternet/module-secure-passwords • Git Status Security Report • MageSpecialist SecuritySuite • Two Factor Auth, User lockout, reCaptcha, Admin IP restriction, Digest Auth #mm17pl, Anna Völkl
Who has access to your code? You. Your colleague. Your company. Your GitLab Server Server. An external developer. GitHub/Bitbucket Your CodeClimate Integration. Your build/deployment tools. #mm17pl, Anna Völkl
#mm17pl, Anna Völkl
Isolate Development from Production reduce unwanted errors, improve security #mm17pl, Anna Völkl
Dev vs. Testing/ Staging vs. Production #mm17pl, Anna Völkl
No keys in your code, put them in settings files. Don't add the settings files (esp. production) into your repo. #mm17pl, Anna Völkl
#mm17pl, Anna Völkl
#mm17pl, Anna Völkl
Database dumps I Because dumping big databases is boring #mm17pl, Anna Völkl
Remove log data$ n98-magerun.phar db:dump --strip="@stripped" Available: @log, @dataflowtemp, @stripped See: n98-magerun Stripped Database Dumps #mm17pl, Anna Völkl
Database dumps II Because you don't need thousands of orders, customers and logs in your dev-environment #mm17pl, Anna Völkl
Remove sales and customer data $ n98-magerun.phar db:dump --strip="@development" Available: @log, @dataflowtemp, @stripped, @sales, @customers, @trade, @development See: n98-magerun Stripped Database Dumps #mm17pl, Anna Völkl
Use an environment configuration tool Because accidentally using the wrong environment is embarrassing #mm17pl, Anna Völkl
Environment Configuration • LimeSoda_EnvironmentConfiguration • n98-magerun Script • Cti_MagentoConfigurator • HarrisStreet ImpEx #mm17pl, Anna Völkl
Code analysis • CodeClimate • SensioLabs Insight • Scrutinizer #mm17pl, Anna Völkl
GrumPHP A PHP code-quality tool • Tests running via git hooks • improve codebase • write better code following best practises • Extra packages like sensiolabs/ security-checker ! https://github.com/phpro/grumphp #mm17pl, Anna Völkl
#mm17pl, Anna Völkl
Security advisories https://github.com/FriendsOfPHP/security-advisories Checking for Vulnerabilities • Upload composer.lock to https://security.sensiolabs.org • Use web service (curl) • Use CLI tool php checker security:check composer.lock #mm17pl, Anna Völkl
Magento Malware Scanner wget git.io/mwscan.txt grep -Erlf mwscan.txt /path/to/magento https://github.com/gwillem/magento-malware-scanner #mm17pl, Anna Völkl
Magento Project Mess Detector https://github.com/AOEpeople/mpmd #mm17pl, Anna Völkl
Admin password cracking #mm17pl, Anna Völkl
Warnings on HTTP websites in Google Chrome 62 As part of Google's quest to compel all websites to use the more secure HTTPS protocol, Chrome 62 will flash more warnings when you visit HTTP sites. A few months ago, Chrome 56 (rightly) started labeling unencrypted sites as "not secure" right next to their URLs in the address line if they're asking for passwords and credit card details. — engadget.com ! More Info #mm17pl, Anna Völkl
To do ! Read & apply Magento Security Best Practises ! Sign up for Magento security alerts ! Test & check your code and settings ! Full HTTPS ! Follow @piotrekkaminski, @gwillem, @_Talesh, @pete_cags, @PeterJaap, @Fabian_ikono, @RicTempesta #mm17pl, Anna Völkl
Thanks! Questions? @rescueAnn github.com/avoelkl #mm17pl, Anna Völkl
#mm17pl, Anna Völkl

Recomendados

Secure development environment @ Meet Magento Croatia 2017
Secure development environment @ Meet Magento Croatia 2017Secure development environment @ Meet Magento Croatia 2017
Secure development environment @ Meet Magento Croatia 2017Anna Völkl
 
Magento Security Best Practises - MM17DE
Magento Security Best Practises - MM17DEMagento Security Best Practises - MM17DE
Magento Security Best Practises - MM17DEAnna Völkl
 
How to get maximum from Magento community
How to get maximum from Magento community How to get maximum from Magento community
How to get maximum from Magento community Vasyl Malanka
 
James jara portafolio
James jara portafolioJames jara portafolio
James jara portafolioJames Jara
 
What is apache kafka
What is apache kafkaWhat is apache kafka
What is apache kafkaMinesh A. Jethva
 
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's Stuff
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's StuffWordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's Stuff
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's StuffRhys Wynne
 
Android Development - NOTE TAKING APP FROM SCRATCH
Android Development - NOTE TAKING APP FROM SCRATCHAndroid Development - NOTE TAKING APP FROM SCRATCH
Android Development - NOTE TAKING APP FROM SCRATCHKeith Levi Lumanog
 
Mancsas - 5 Top Tools for WordPress SEO in 2016
Mancsas - 5 Top Tools for WordPress SEO in 2016Mancsas - 5 Top Tools for WordPress SEO in 2016
Mancsas - 5 Top Tools for WordPress SEO in 2016Rhys Wynne
 

Recomendados

Secure development environment @ Meet Magento Croatia 2017
Secure development environment @ Meet Magento Croatia 2017Secure development environment @ Meet Magento Croatia 2017
Secure development environment @ Meet Magento Croatia 2017Anna Völkl
 
Magento Security Best Practises - MM17DE
Magento Security Best Practises - MM17DEMagento Security Best Practises - MM17DE
Magento Security Best Practises - MM17DEAnna Völkl
 
How to get maximum from Magento community
How to get maximum from Magento community How to get maximum from Magento community
How to get maximum from Magento community Vasyl Malanka
 
James jara portafolio
James jara portafolioJames jara portafolio
James jara portafolioJames Jara
 
What is apache kafka
What is apache kafkaWhat is apache kafka
What is apache kafkaMinesh A. Jethva
 
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's Stuff
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's StuffWordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's Stuff
WordCamp London - Top Tools for WordPress SEO - To Use As Well As Yoast's StuffRhys Wynne
 
Android Development - NOTE TAKING APP FROM SCRATCH
Android Development - NOTE TAKING APP FROM SCRATCHAndroid Development - NOTE TAKING APP FROM SCRATCH
Android Development - NOTE TAKING APP FROM SCRATCHKeith Levi Lumanog
 
Mancsas - 5 Top Tools for WordPress SEO in 2016
Mancsas - 5 Top Tools for WordPress SEO in 2016Mancsas - 5 Top Tools for WordPress SEO in 2016
Mancsas - 5 Top Tools for WordPress SEO in 2016Rhys Wynne
 
Security Testing for Blue Teamers
Security Testing for Blue TeamersSecurity Testing for Blue Teamers
Security Testing for Blue TeamersBen Finke
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019 Kris Buytaert
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7Rapid7
 
Scaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per DayScaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per DayCarmine Paolino
 
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.DefCamp
 
Fixing security by fixing software development
Fixing security by fixing software developmentFixing security by fixing software development
Fixing security by fixing software developmentNick Galbreath
 
Extension Submission to Marketplace
Extension Submission to MarketplaceExtension Submission to Marketplace
Extension Submission to MarketplaceWagento Kangiya
 
Mli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensionsMli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensionsHanoi MagentoMeetup
 
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Mauricio Velazco
 
Penetration testing as an internal audit activity
Penetration testing as an internal audit activityPenetration testing as an internal audit activity
Penetration testing as an internal audit activityTranscendent Group
 
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...NETWAYS
 
From MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 EditionFrom MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 EditionKris Buytaert
 
BruCON Agnitio Workshop
BruCON Agnitio WorkshopBruCON Agnitio Workshop
BruCON Agnitio WorkshopSecurity Ninja
 
Introduzione alla SEO Automation con Python
Introduzione alla SEO Automation con PythonIntroduzione alla SEO Automation con Python
Introduzione alla SEO Automation con PythonAndrea Baggio
 
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...Flink Forward
 
Alfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the UpgradeAlfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the UpgradeKyle Adams
 
How to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOpsHow to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOpsDynatrace
 
Chapter 1-1.pptx
Chapter 1-1.pptxChapter 1-1.pptx
Chapter 1-1.pptxbiniyamgashaw2
 
Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?Virtual Forge
 
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"LogeekNightUkraine
 
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...Anna Völkl
 
Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016Anna Völkl
 

Más contenido relacionado

Similar a Magento Security Best Practises - MM17PL

Security Testing for Blue Teamers
Security Testing for Blue TeamersSecurity Testing for Blue Teamers
Security Testing for Blue TeamersBen Finke
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019 Kris Buytaert
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7Rapid7
 
Scaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per DayScaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per DayCarmine Paolino
 
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.DefCamp
 
Fixing security by fixing software development
Fixing security by fixing software developmentFixing security by fixing software development
Fixing security by fixing software developmentNick Galbreath
 
Extension Submission to Marketplace
Extension Submission to MarketplaceExtension Submission to Marketplace
Extension Submission to MarketplaceWagento Kangiya
 
Mli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensionsMli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensionsHanoi MagentoMeetup
 
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Mauricio Velazco
 
Penetration testing as an internal audit activity
Penetration testing as an internal audit activityPenetration testing as an internal audit activity
Penetration testing as an internal audit activityTranscendent Group
 
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...NETWAYS
 
From MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 EditionFrom MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 EditionKris Buytaert
 
BruCON Agnitio Workshop
BruCON Agnitio WorkshopBruCON Agnitio Workshop
BruCON Agnitio WorkshopSecurity Ninja
 
Introduzione alla SEO Automation con Python
Introduzione alla SEO Automation con PythonIntroduzione alla SEO Automation con Python
Introduzione alla SEO Automation con PythonAndrea Baggio
 
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...Flink Forward
 
Alfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the UpgradeAlfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the UpgradeKyle Adams
 
How to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOpsHow to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOpsDynatrace
 
Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?Virtual Forge
 
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"LogeekNightUkraine
 

Similar a Magento Security Best Practises - MM17PL (20)

Security Testing for Blue Teamers
Security Testing for Blue TeamersSecurity Testing for Blue Teamers
Security Testing for Blue Teamers
 
Open Source Monitoring in 2019
Open Source Monitoring in 2019 Open Source Monitoring in 2019
Open Source Monitoring in 2019
 
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
The Internet of Fails - Mark Stanislav, Senior Security Consultant, Rapid7
 
Scaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per DayScaling Machine Learning Systems up to Billions of Predictions per Day
Scaling Machine Learning Systems up to Billions of Predictions per Day
 
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.Let's Make Pentesting Fun Again! Report writing in 5 minutes.
Let's Make Pentesting Fun Again! Report writing in 5 minutes.
 
Fixing security by fixing software development
Fixing security by fixing software developmentFixing security by fixing software development
Fixing security by fixing software development
 
Extension Submission to Marketplace
Extension Submission to MarketplaceExtension Submission to Marketplace
Extension Submission to Marketplace
 
Mli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensionsMli 2017 technical first steps to building secure Magento extensions
Mli 2017 technical first steps to building secure Magento extensions
 
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
Defcon Blue Team Village 2020: Purple On My Mind: Cost Effective Automated Ad...
 
Penetration testing as an internal audit activity
Penetration testing as an internal audit activityPenetration testing as an internal audit activity
Penetration testing as an internal audit activity
 
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
OSMC 2018 | Integrating Check_MK agent into Thruk – Windows monitoring made e...
 
From MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 EditionFrom MonitoringSucks to Monitoring Love , 2016 Edition
From MonitoringSucks to Monitoring Love , 2016 Edition
 
BruCON Agnitio Workshop
BruCON Agnitio WorkshopBruCON Agnitio Workshop
BruCON Agnitio Workshop
 
Introduzione alla SEO Automation con Python
Introduzione alla SEO Automation con PythonIntroduzione alla SEO Automation con Python
Introduzione alla SEO Automation con Python
 
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
Flink Forward Berlin 2018: Wei-Che (Tony) Wei - "Lessons learned from Migrati...
 
Alfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the UpgradeAlfresco Summit 2013 - The Art of the Upgrade
Alfresco Summit 2013 - The Art of the Upgrade
 
How to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOpsHow to Better Manage Technical Debt While Innovating on DevOps
How to Better Manage Technical Debt While Innovating on DevOps
 
Chapter 1-1.pptx
Chapter 1-1.pptxChapter 1-1.pptx
Chapter 1-1.pptx
 
Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?Is your SAP system vulnerable to cyber attacks?
Is your SAP system vulnerable to cyber attacks?
 
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
Kostiantyn Yelisavenko "Mastering Macro Benchmarking in .NET"
 

Más de Anna Völkl

Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...Anna Völkl
 
Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016Anna Völkl
 
Secure input and output handling - Meet Magento Romania 2016
Secure input and output handling - Meet Magento Romania 2016Secure input and output handling - Meet Magento Romania 2016
Secure input and output handling - Meet Magento Romania 2016Anna Völkl
 
Secure input and output handling - ViennaPHP
Secure input and output handling - ViennaPHPSecure input and output handling - ViennaPHP
Secure input and output handling - ViennaPHPAnna Völkl
 
Secure input and output handling - Magento Meetup Vienna Edition
Secure input and output handling - Magento Meetup Vienna EditionSecure input and output handling - Magento Meetup Vienna Edition
Secure input and output handling - Magento Meetup Vienna EditionAnna Völkl
 
Magento Application Security [EN]
Magento Application Security [EN]Magento Application Security [EN]
Magento Application Security [EN]Anna Völkl
 
Magento Application Security [DE]
Magento Application Security [DE]Magento Application Security [DE]
Magento Application Security [DE]Anna Völkl
 

Más de Anna Völkl (7)

Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
Schnell, schön, sicher: Technische Konzeption und Betrieb sicherer E-Commerce...
 
Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016Secure input and output handling - Mage Titans Manchester 2016
Secure input and output handling - Mage Titans Manchester 2016
 
Secure input and output handling - Meet Magento Romania 2016
Secure input and output handling - Meet Magento Romania 2016Secure input and output handling - Meet Magento Romania 2016
Secure input and output handling - Meet Magento Romania 2016
 
Secure input and output handling - ViennaPHP
Secure input and output handling - ViennaPHPSecure input and output handling - ViennaPHP
Secure input and output handling - ViennaPHP
 
Secure input and output handling - Magento Meetup Vienna Edition
Secure input and output handling - Magento Meetup Vienna EditionSecure input and output handling - Magento Meetup Vienna Edition
Secure input and output handling - Magento Meetup Vienna Edition
 
Magento Application Security [EN]
Magento Application Security [EN]Magento Application Security [EN]
Magento Application Security [EN]
 
Magento Application Security [DE]
Magento Application Security [DE]Magento Application Security [DE]
Magento Application Security [DE]
 

Último

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationJuha-Pekka Tolvanen
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburgmasabamasaba
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...chiefasafspells
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park masabamasaba
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...masabamasaba
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 

Último (20)

%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
%+27788225528 love spells in Atlanta Psychic Readings, Attraction spells,Brin...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go PlatformlessWSO2CON2024 - It's time to go Platformless
WSO2CON2024 - It's time to go Platformless
 
What Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the SituationWhat Goes Wrong with Language Definitions and How to Improve the Situation
What Goes Wrong with Language Definitions and How to Improve the Situation
 
WSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security ProgramWSO2CON 2024 - How to Run a Security Program
WSO2CON 2024 - How to Run a Security Program
 
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
WSO2CON 2024 - Building the API First Enterprise – Running an API Program, fr...
 
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
WSO2CON 2024 - Navigating API Complexity: REST, GraphQL, gRPC, Websocket, Web...
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidDirect Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
%in Rustenburg+277-882-255-28 abortion pills for sale in Rustenburg
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
Love witchcraft +27768521739 Binding love spell in Sandy Springs, GA |psychic...
 
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park %in kempton park+277-882-255-28 abortion pills for sale in kempton park
%in kempton park+277-882-255-28 abortion pills for sale in kempton park
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 

Magento Security Best Practises - MM17PL