Magento friend or foe – Security by obscurity

Sorin Buta | Senior QA Engineer Optaros

gb Workshop October 29, 2016 | 14:00 - 15:30 o' clock | Meet Magento 2016 » Developer Workshop
Haider Sadik | Magento Support Engineer Optaros

gb Workshop October 29, 2016 | 14:00 - 15:30 o' clock | Meet Magento 2016 » Developer Workshop
Codin Mihale | Magento Senior Support Engineer Optaros

gb Workshop October 29, 2016 | 14:00 - 15:30 o' clock | Meet Magento 2016 » Developer Workshop
Stefan Potirniche | Magento Technical Lead Optaros

gb Workshop October 29, 2016 | 14:00 - 15:30 o' clock | Meet Magento 2016 » Developer Workshop

Being the most popular eCommerce software in the world, Magento is an attractive target to hackers who would love to get insider your store.

A compromised website can have consequences on both merchant and customer since a hacker might distribute your data or use them to his personal interest.

Data security is critical since your website might be processing personal and in some cases even payment information.

Our goal is to take some of the most common security exploits and see how they can be used in the context of a magento website.

✓ XSS – reflected / persistent

✓ Cross Site Request Forgery – injecting malicious code

✓ Simultaneous request in the context of order placement

✓Real life security exploits examples

Maximum number of attendees: 30 [having their laptops (ideally with MacOS) is mandatory for the hands-on portion of the workshop]