Security/Training resources
Appearance
< Security
Secure MediaWiki Coding
[edit]See Security for developers for general guidelines and information.
Previous trainings:
- Secure Coding For MediaWiki Developers (video) (Dec 2015, DPatrick (WMF))
- Hack Safely: Intro to MediaWiki Security (slides) (Lyon Hackathon 2015, CSteipp (WMF))
- Secure Architecture and Design (slides) (Lyon Hackathon 2015, CSteipp (WMF))
- How to get your code deployed (slides) (Amsterdam Hackathon 2013, CSteipp (WMF))
- Secure Coding and Other Stuff (video) (Sept 2012, CSteipp (WMF)
- Writing security code (video) (Berlin Hackathon 2012, Tim Starling)
- 2020 AppSec Training by ROS (internal only)
- 2021 AppSec Training by ROS (internal only)
PCI / OWASP
[edit]This training is given twice each year to the Fundraising tech, to fulfill PCI requirements
- 2018 Google Slides (permission granted upon request - see SBassett_(WMF)
- Commons PDF copy of aforementioned Google Slides
- Accompanying Code Examples (hosted at Github)
- YouTube Live Recording of 2018 Training Session (currently private)
Operational Security
[edit]- OpSec for Everyone (slides) (WMF Staff Only, at this point)
- Protecting your digital identity
OWASP Top 10 - 2017
[edit]- Presentation on the OWASP Top 10 by Dave Wichers January 10 2018 (video) (slides)