RB Woods is from Wichita and holds a BS in Physics. A life-long computer and programming enthusiast, he was one of the rare individuals at his college to have an IBM personal computer in his dorm room in the early 80s. Yeah, that guy. Funny how not a lot of girls were hanging around to witness the “wizardry”. Introduced to Linux in the mid-90s, and having been the developer of or responsible for several web sites over the years, he has developed a passion for security-related topics and for finding easier and better ways to accomplish significant improvements. He is Director of IT of a local manufacturing company and has used Linux systems in large numbers as the foundation for critical infrastructure elements since the late 90s.
With technologies and threats that continue to evolve, it can be hard to even know where to start or what should or could be implemented next. This discussion will touch on many topics, including some ignored or relatively unknown building blocks that, when properly implemented alongside other foundational pieces, can greatly strengthen a site's defenses, helping to protect both the site and its users. Topics may include SQL injection, password storage, cross-site scripting (XSS), content security policy (CSP), cross-site request forgery (CSRF) mitigation and two-factor authentication (2FA).