Tobias is CTO at Sitewards in Frankfurt, who specialize in e-commerce solutions.
Previously he was well regarded as a freelance consultant and software architect. Over the past years he has built up a development team at Sitewards that strives to be at the cutting edge of web development.
With a passion for inspiring people, he takes part in and speaks at conferences worldwide. He also publishes articles in a wide range of magazines and several blogs, and has written a book about web security.
Tobias has written a book aimed at developers and decision makers who plan or already maintain an e-commerce site.
Besides the main attack scenarios like XSS, injections and CSRF, it also covers exotic ones like pixel perfect timing.
Additionally, frameworks and tools that help to secure your application have been analyzed.
Three consecutive articles in the German PHP Magazin about security patterns based on the OWASP Top 10.
Article in the German t3n Nr. 34 about the usage and implementation of BigPipe.
Article in the German PHP Magazin about Test-Suites in Magento.
Article in the German PHP Magazin about the installation and configuration of Apache Solr in Magento Enterprise.
Guest blog article in the German phphatesme.com blog about the usage of Microsoft SQL Server in PHP.
The webmagazin recorded a video interview at the Webinale 2014, talking about the pros and cons of Magento and which alternatives are actually relevant.
Tobias was featured with his "From Dev to CTO" session from the Barcamp Rhein-Main in a subsequent Sunday newspaper.
The PHP Magazin interviewed Tobias and his colleague Michael about the past trends and hypes of 2013 and also tried to give a forecast for 2014.
Maintaining the PHP section of the OWASP Top 10 for developers. (owasp.org)
An implementation of the module management tool modman written in PHP so it runs on every OS. (github.com)
Adds a BigPipe option to Magento, so a block can be marked as BigPipe and will be rendered after the first flush has occurred. Facebook uses that technique to keep slower components from blocking the loading process. (github.com)
The admin monitoring logs nearly every save and delete call in the backend of a Magento shop. (github.com)
A microframework to create multi-threaded PHP applications, built before it was cool to do that stuff. ;) (github.com)
The Gamification module makes it possible to track events stored by Hackathon_FrontendMonitoring and trigger actions like incrementing points or earning badges or cat stickers for a user. (github.com)
To PHPUnit, Zend Framework, Magento Community and Enterprise, Magento 2, iniscan, Mage Setup, Typo3, Sqlsrv and many more ...
With the latest XSS and CSRF attacks on Twitter, PayPal and Facebook, security is obviously still a very difficult thing to get right.
Every 3 years, the Open Web Application Security Project (OWASP) releases a new Top 10 list of vulnerabilities. This talk will walk you through the 2013 list,
presenting the possible attack scenarios and how you can protect against them.
In addition, we'll look at more security issues that are not part of the Top 10 but that you should definitely keep in mind.
You might know about XSS and the usual SQL injection, but times have changed and we have to keep up to date with the latest attack scenarios.
Do you also know what clickjacking is? If not, I'll show you how to protect against it.
I'll also present techniques like Pixel Perfect Timing and a combination of XSS and time-based SQL injection to access intranet sites that are not even compromised.
Recently on the net there was a lot of chatter surrounding the myth of the 10x programmer.
It claims that some individuals are 10x more efficient than some of their colleagues.
In this talk we'll look into this species of superproductives!
How can we measure the efficiency of a programmer at all? Is it the lines of code, the number of fixed bugs or the number of empty Red Bull cans per hour?
After that we'll have a look at whether it's actually possible to achieve 10x productivity and, if so, what's needed to get there.
After being a freelancer for several years, Tobias joined Sitewards as CTO in 2011.
He realized very quickly that a full management position is rather different from what developers imagine.
In this talk he covers the challenges and problems, but also which steps and solutions helped to build a highly motivated and successful team.
Besides the technical and disciplinary leadership, it's also about recruiting, motivation and team development.
Magento 2 was first announced way back in 2010, but a lot can change in IT over four years.
There was not a lot of noise from the Magento camp until October 2013. Now there is a public repository with updates published weekly.
In this talk we'll have a look at the current technical status, make a comparison to the first version of Magento and review the road ahead.
An e-commerce project has to be extremely fast, have a lot of features, and be easily maintainable.
That is what we all know, but what does that actually mean in relation to the code?
In this session we'll not only show you how to build code of very high quality, but also how to measure its quality.
We'll show you not only how to start, but also how to have long-term success with your system.
The Magento search is usually set up with MySQL Fulltext, which is not only limited in features, but also known as a performance bottleneck.
The talk shows, from a technical point of view, how easy it is to set up a fast and efficient search including autosuggest capabilities based on Apache Solr in Magento Enterprise with the integrated Enterprise_Search module.
The loading time of a website is one of the most important factors for its success. The number of abandoned page loads rises dramatically the longer the user has to wait for the content.
Facebook invented a new technology called BigPipe which allows the user to already see the essential parts of a website while long-loading content is still being rendered. This delivers a better user experience and fewer abandoned page loads.
This talk will show you the technical details of BigPipe and how it can help you to speed up your site and what you need to know to implement it.