Developed secure authentication, identification, and privacy management tools and hosted SaaS platform for enterprise partners. Helped design and build a scalable, end-to-end encrypted database for managing consumers' personally identifying information (PII).
Developed engineering plans for various clients in partnership with the engineering management team. Created prototypes and final implementations of advanced systems integration tools and API libraries.
Recipient of the Centurion Award
Recipient of the Computer Science, Engineering, and Mathematics Scholar Award
Security is an ongoing process not something to add right before your app launches. In this book, you’ll learn how to write secure PHP applications from first principles. Why wait until your site is attacked or your data is breached? Prevent your exposure by being aware of the ways a malicious user might hijack your web site or API. Discover how to secure your applications against many of the vulnerabilities exploited by attackers.
Modern PHP supports modern encryption: Sodium. This new interface provides a set of opinionated cryptographic primitives that help prevent you from making a costly mistake. Sodium allows symmetric encryption, public/private encryption, and data signing just like you’re used to in other languages. It’s also native to PHP as of version 7.2.
[Training Class] PHP is a secure, modern programming language suitable for any number of applications. As with any other language or tool, PHP can only be used securely if the developers using it wield their tools safely.
In 2016, NIST announced it was deprecating SMS-based 2FA (second-factor authentication) from its Digital Authentication Guidance. As the internet works to harden application and online security, what are the proper options available for truly secure authentication? What are those OOB (out-of-band) transactions anyway? Why is identity security so hard? Learn about the tools that define the identity security landscape and how to easily integrate strong identity verification methods with your existing services. BYOA (bring your own acronyms).
Too often, the security of our applications is an afterthought rather than a pillar of design. This leads to embarrassing leaks of information, unintended violations of security best practices, or even critical vulnerabilities. This tutorial will walk through securing an app from first principles through smooth UX. We'll navigate password hashing, two factor authentication, and login by way of magic links. We'll then go even further with auth by way of mobile push notifications!
Should a password be long and complex? What about a string of easy-to-remember words instead? Are password managers the best way forward? What about multiple factors? Is there a better way?
These are all questions your users have: learn how to answer them and how to make security easy by moving beyond passwords for your web app entirely with magic link based authentication! Your users just click a link; they don't have to remember anything.
Sometimes, our use of PHP grows beyond the typical request/response cycle of dynamic page generation. Unfortunately, the threaded nature of PHP – and the stateless nature of the server – betrays any efforts to expand our utilization of the server. I will walk attendees through various evolutions of a specific application from synchronous execution of loops through asynchronous execution with Promise-based libraries in PHP.
This session will cover the severe need for low-tech access to WordPress but will focus on content production and consumption—which is a somewhat unique problem in the developing world. It will cover use cases, user groups, and a few proposed techniques for making content and publishing tools available to those without high-speed Internet, 3G connectivity, or traditional desktop publishing tools. Attendees will achieve a deeper understanding of potential, unreached user demographics and the tools/techniques they can use to reach these groups.
One of the newest tools on the market is an open source system called Vagrant. Thanks to this amazing application, you can quickly and easily create a new virtual development environment at a moment's notice.