The TEKX conference is now in full swing and one attendee, Chance Garcia has already shared some of what he's learned at the tutorial days - being the bad guy and best practices.
Chance Garcia was in the "Bad Guy For a Day" session given by Arne Blankerts
This will be interesting since this will be stream of thought on the tutorial as it goes on. [...] Remember to secure your infrastructure. Anecdote about a setup with default root of database was given. Keep in mind how you train users. Example error alerts training people to accept errors as ok and to click through.
He "live blogs" the rest of the session that mentions infrastructure issues, user interface problems and some of the more popular attack vectors.
His other "live blog" covered Matthew Weier O'Phinney and Lorna Mitchell's Best Practices talk, complete with mentions of version control practices, design patterns, unit testing and more.