Security Matters... Getting Started with Security Scanners
Security is often overlooked during the planning and execution of a site build. It's often assumed that as long as we follow best practices, everything will be fine, but as we all know, even the best of us make mistakes, which is why we have QA. While QA will catch the functional and appearance issues, it likely won't catch XSS, SQL injection, CSRF, and other security vulnerabilities. We could hire a manual pen tester for each deploy, but that gets really expensive really fast. The goal of this presentation is to hopefully make the internet a little bit safer by adding automated security scanners to the development lifecycle.
During this presentation we will quickly review the most common types of vulnerabilities, introduce security scanners, and then do a few live demos. Hopefully, by the end of this you will feel comfortable trying this out on your own sites.