Michal Špaček
My trainings
And this is what they say about them: Originally, I've arranged Michal's training primarily for my colleagues because "of course I already know these things"... Michal has changed my mind in the first hour of the first day and continued to do so for the whole two days. Thanks to this training I finally understood some of the attack/defense concepts in full depth, and especially in the right context. — Jan Pospíšil, Senior PHP developer, Czech Radio
Public trainings
Come to my public trainings, everybody's welcome:
- PHP application security March 14–17, 2022 remoteafternoons
- HTTPS for developers & admins March 21–22, 2022 remoteafternoons
Trainings in Prague (or remote) are held regularly in the middle of March, June, September, and December, in other cities irregularly.
In-house trainings
Any public training can also be turned into an in-house training. As an extra, I offer these in-house-only courses:
Looking for Introduction to PHP, Classes and objects in PHP? I've handed them over to Martin Hujer. I've discontinued Web application performance, Martin Michálek runs a similar training.
My articles
Some time ago, I've change my Google password. That change logged me out of my Google account on my iPad so Photos, Chrome, and other apps were asking again for my password to log me back in. The only problem was that all I could see, was a blank page instead of the Google login form, or just -- (NSURLErrorDomain: -999) error.
At the end of August, a critical security bug was discovered and immediately fixed in one of the popular PHP frameworks, Nette. Although the author of the framework, David Grudl, did everything possible, some did not learn about the bug in time and did not update their sites and web apps. Let me tell you a few tips not only for PHP, that will help you to know about similar problems as soon as possible.
I'm organizing another round of my training, this time remotely. Afternoons, for half of the regular price.
My talks
Favorites
- HTTP hlavičky, Subresource Integrity a spol. chrání vaše návštěvníky před bezpečnostními chybami
- XSS PHP CSP ETC OMG WTF BBQ, o Cross-Site Scriptingu a Content Security Policy
- Hlava není na hesla, použijte na ně raději password manager
- HTTPS, co, proč, jak, zač, nač, kdy, kde, s kým a proti komu
- Webová bezpečnost, popis několika základních útoků i méně známých triků
- Jak jsme zlepšili zabezpečení Slevomatu a jak byste měli udělat to samé
- Zahashovat heslo, uložit, …, profit!, o správném hashování hesel
Upcoming talks
…at your event or conference, let me know!
Talks
HTTPS není jen ten zámeček
November 25, 2021, Webinář Asociace pro elektronickou komerci (APEK) (240 minutes)
Nejčastější bezpečnostní chyby webů, jak je řešit, hlásit a jak na hlášení reagovat
November 18, 2021, Webinář Asociace pro elektronickou komerci (APEK) (240 minutes)
Bezpečnost na Internetu pro všechny, phishing, hesla
November 11, 2021, Webinář Asociace pro elektronickou komerci (APEK) (240 minutes)
Braňte své webové aplikace jako když paříte StarCrafta
November 10, 2021, JavaDays 2021 (60 minutes)
Hlava není na Heslo123!
December 3, 2020, ALEF Security Talk – vzdělávání (20 minutes)
Me answering questions
Bezpečnost na internetu
February 2, 2021, Jak na sítě
Grading How Companies (In)Securely Store Passwords
August 1, 2019, All Things Auth Podcast
Engage in Continual Learning to Advance your IT Career
May 3, 2019, IT Career Energizer
Michal Špaček z Report URI o smyslu práce, potenciálu i prokrastinaci
January 15, 2019, StartupJobs
Blokování webů a stránek
June 4, 2016, Český rozhlas Online Plus