This month, Max Morlocke will talk about security best practices with practical Python examples.

The attack surface of a website has grown significantly in the last ten years, which makes protecting yourself and your business feel harder and harder every day.  We’ll go over how to protect your assets from the most common classes of attacks, like SQL Injection, Cross-Site Scripting, and Cross-Site Request Forgery, using practical Python examples, and discuss tools that solve these problems.  We’ll also talk about layered defense strategies like the use of TLS and hashing of passwords.

If the presentation runs short and we have extra time, he’ll do a supplementary segment on web security and design, showing examples of well-designed interactions that improve security.  This will be lighter on Python code, though I will provide references to libraries that are well supported.  One example is walking through Dropbox’s password creation process using zxcvbn for password complexity, as opposed to the use of the 286 Ferengi rules of password creation.

Come and learn, share, grow, meet new people, and visit old friends at our monthly meeting! We’ll be talking about the Python programming language and anything that intersects it, and the cool stuff you can do with it.

Afterwards we’ll be heading to Brazenhead on 5th.

Note that next month’s meeting will be a week early (May 22) due to the Memorial Day Holiday.