Skip Navigation Linksfail-lessons-from-infosec-incidents

​#FAIL - Lessons from infosec incidents

Robin Minto

Robin is a developer/technical architect working for ByBox, a supply chain technology company in the UK.

He’s passionate about dev, ops, continuous improvement and all things security

Other passions include snowboarding, cycling and gin (but not together). He blogs at

Brief Overview

We're still failing at web security. It's hard and there are plenty of bad dudes waiting to take advantage of our mistakes. Let's learn from mistakes to become more secure! We'll look at examples and how we can improve our applications. This is the evolution of a talk I gave at DDD Reading.


Securing a web application is a challenge. The internet is awash with malicious traffic and web applications are globally accessible. Don’t make it easy for them and the baddies will move on and find someone else to annoy.

We’ll look at the risks facing web applications, the basic steps you can take so that you don’t make yourself a target and the things you should do to avoid becoming a data breach statistic. We’ll also look at lessons that can be learnt from mistakes that others have made.

We’ll demo some of the techniques and tools in both attack and defence with examples for any web application developer.