5 June 2019
"Walking through firewalls"
I'm sure we've all had the experience of working on a project where nobody could tell us what problem we’re trying to solve. Similarly, I suspect we've all worked on projects that are heavily invested in a particular technology yet have no idea how it works. This can quickly lead to a situation where we've not actually solved the problem. We weren't clear on what we were trying to achieve, and we didn't really know how things worked.
This talk takes you on a journey through a real world scenario, showing how easy it is to fall into this trap and how to avoid it (or pull things back on track). We happen to use the example of bypassing firewalls, but the topic should challenge us to think more critically about other technologies we might use and other problems we may need to solve.
On one level, we'll look at how a firewall could be bypassed. In doing so, we'll look at some foundational building blocks of the web and show the importance of having a good depth of knowledge in the technologies you're using.
On another level, we'll look at how we can critically evaluate the work we're doing, the problems we're trying to solve, and the knowledge we need to tackle them.
Expect to come away having learned a little something about firewalls, security, and some of the techniques hackers might use to attack your systems... as well as a few things about HTTP, TLS and proxy modes.
Stuart Gunter | Security Practice Lead at Equal Experts
Stuart has over 18 years experience working in software engineering across a range of industries. His background includes .NET and JVM-based tech stacks, holding positions such as developer, tech lead and architect. He has worked on monoliths and microservices, on premise and in the cloud, using cutting edge technology and good old fashioned boring tech, building apps for small user bases and millions of users.
His focus on security over the past few years has emerged from his interest in engineering better quality software. He enjoys helping teams better integrate security into their regular delivery cycle, and works hard to ensure that security enables us to deliver business value to customers quickly and safely