`
Attackers want your data and they're getting it from your API
October 15, 2021
Longhorn PHP
APIs are everywhere. Some companies sell theirs for profit and publish documentation alongside it. Others expose just enough APIs to provide value to the end users, without ever intending them to be used for any other purpose. Your API is the purveyor to some valuable data, and attackers are eager to get at it. This session will cover some of the methods attackers use to reverse engineer your API and some steps you can take to thwart them. The session will begin by demonstrating a few more...methodologies on how traffic to an API can be "sniffed" and analyzed. We will then discuss authentication with API keys and OAuth2 and the differences and pitfalls of each. We'll touch on some low hanging fruit on hardening your API: TLS encryption, certificate pinning, and some less obvious techniques including HMAC request signing, obfuscation, compilation protection, and more. At the end of the session you'll have a better understanding of the cat and mouse game that is API security, the knowhow of the tools and techniques attackers might be using to get at your data, and some steps you can implement to better your API's security.
Native Apps with Tabris.js
Native Apps with Tabris.js
November 5, 2019
Developer Week Austin
Tabris.js is a mobile framework that lets you develop native iOS and Android apps from a single code base written entirely in JavaScript. Tabris.js is fully native (no WebViews!) and allows you to use existing JavaScript libraries, node modules and Cordova plugins to build your apps. The developer app lets you reload your code at the push of a button for a fast develop/test cycle. Tabris.js also has an online build service eliminating the need to set up SDKs to generate packages for mobile devices.
Xdebug will forever change the way you debug your PHP code
Xdebug will forever change the way you debug your PHP code
September 21, 2019
Cascadia PHP Conference
We've all used echo, print_r, and var_dump to figure out why our code doesn't work. But did you know there's an easier way? This talk will demonstrate the use of two popular PHP tools: Xdebug and PhpStorm. Instead of littering your code with statements to send variable values to the browser, using these tools it's possible to pause script execution on a specific line, allowing you to view and edit any variable as well as arbitrary code. Never again will you forget to remove test code before sending it to production!
Xdebug will forever change the way you debug your PHP code
Xdebug will forever change the way you debug your PHP code
February 9, 2019
Sunshine PHP Conference
We've all used echo, print_r, and var_dump to figure out why our code doesn't work. But did you know there's an easier way? This talk will demonstrate the use of two popular PHP tools: Xdebug and PhpStorm. Instead of littering your code with statements to send variable values to the browser, using these tools it's possible to pause script execution on a specific line, allowing you to view and edit any variable as well as arbitrary code. Never again will you forget to remove test code before sending it to production!
Xdebug will forever change the way you debug your PHP code
Xdebug will forever change the way you debug your PHP code
January 10, 2019
Seattle PHP User Group
We've all used echo, print_r, and var_dump to figure out why our code doesn't work. But did you know there's an easier way? This talk will demonstrate the use of two popular PHP tools: Xdebug and PhpStorm. Instead of littering your code with statements to send variable values to the browser, using these tools it's possible to pause script execution on a specific line, allowing you to view and edit any variable as well as arbitrary code. Never again will you forget to remove test code before sending it to production!
Native Apps with Tabris.js
Native Apps with Tabris.js
November 2, 2018
Madison PHP Conference
Tabris.js is a mobile framework that lets you develop native iOS and Android apps from a single code base written entirely in JavaScript. Tabris.js is fully native (no WebViews! and allows you to use existing JavaScript libraries, node modules and Cordova plugins to build your apps. The developer app lets you reload your code at the push of a button for a fast develop/test cycle. Tabris.js also has an online build service eliminating the need to set up SDKs to generate packages for mobile devices.
Intro to Redis with PHP
Intro to Redis with PHP
July 20, 2017
Seattle Redis Meetup
An overview of Redis, what it does, and Redis' various datatypes, and how to use Redis with PHP
Creating Web Scrapers
Creating Web Scrapers
July 11, 2017
Seattle PHP User Group
An introduction to web scrapers and a few techniques for building them
Native Apps with Tabris.js
Native Apps with Tabris.js
May 11, 2017
Seattle JS Meetup
Tabris.js is a mobile framework that lets you develop native iOS and Android apps from a single code base written entirely in JavaScript. Tabris.js does not use WebViews for rendering and allows you to use existing JavaScript libraries, node modules and Cordova plugins to build your apps. Tabris.js also has an online build service eliminating the need to set up SDKs to generate packages for mobile devices.
Upgrading to PHP 7
Upgrading to PHP 7
June 14, 2016
Seattle PHP User Group
An lightning talk on the overview of the process involved and some of the pitfalls I encountered when migrating a PHP 5.6 application to 7.0.
Something About Redis
Something About Redis
April 7, 2015
Seattle PHP User Group
Introduction to Redis, what it does, and Redis' various datatypes. Also a demo of installation and of PubSub using Websockets.