Security/Training resources

Secure MediaWiki Coding
See Security for developers for general guidelines and information.

Previous trainings:
 * Secure Coding For MediaWiki Developers (video) (Dec 2015, DPatrick (WMF))
 * Hack Safely: Intro to MediaWiki Security (slides) (Lyon Hackathon 2015, CSteipp (WMF))
 * Secure Architecture and Design (slides) (Lyon Hackathon 2015, CSteipp (WMF))
 * How to get your code deployed (slides) (Amsterdam Hackathon 2013, CSteipp (WMF))
 * Secure Coding and Other Stuff (video) (Sept 2012, CSteipp (WMF)
 * Writing security code (video) (Berlin Hackathon 2012, Tim Starling)
 * 2020 AppSec Training by ROS (internal only)
 * 2021 AppSec Training by ROS (internal only)

PCI / OWASP
This training is given twice each year to the Fundraising tech, to fulfill PCI requirements
 * 2018 Google Slides (permission granted upon request - see SBassett_(WMF)
 * Commons PDF copy of aforementioned Google Slides
 * Accompanying Code Examples (hosted at Github)
 * YouTube Live Recording of 2018 Training Session (currently private)

Operational Security

 * OpSec for Everyone (slides) (WMF Staff Only, at this point)
 * Protecting your digital identity

OWASP Top 10 - 2017

 * Presentation on the OWASP Top 10 by Dave Wichers January 10 2018 (video) (slides)