Security is more than filtering input and escaping output (FIEO), and it’s more than cross-site scripting (XSS) and cross-site request forgeries (CSRF). Security isn’t even always black and white. In order to create a more secure user experience, we need to understand how people think. Perception is as important as reality, and meeting user expectations is a fundamental of good security. In this multifarious talk, I’ll introduce some of what I have learned about cognitive psychology, exploring topics such as change blindness and ambient signifiers, and I’ll show some real-world examples that demonstrate the profound impact human behavior can have on security.
Chris is a thought leader in the PHP and web application security communities — a widely-read blogger at shiflett.org, a popular speaker at industry conferences worldwide, and the founder of the PHP Security Consortium.
His books include the critically-acclaimed Essential PHP Security (O’Reilly) and HTTP Developer’s Handbook (Sams). His writing has also appeared in a number of other popular books including Programming PHP (O’Reilly), PHP Cookbook (O’Reilly), and PHP in Action (Manning).
Comments on this page are now closed.
For information on exhibition and sponsorship opportunities at the conference, contact Sharon Cordesse at email@example.com
Download the OSCON Sponsor/Exhibitor Prospectus
For media-related inquiries, contact Maureen Jennings at firstname.lastname@example.org
To stay abreast of conference news and to receive email notification when registration opens, please sign up for the OSCON newsletter (login required)
View a complete list of OSCON contacts