Modern Web Application Defense with OWASP Tools

Presented at AppSec USA 2014, Sept. 18, 2014, 9:30 a.m. (45 minutes).

To address security defects developers typically resort to fixing design flaws and security bugs directly in the code. Finding and fixing security defects can be a slow, painstaking, and expensive process. While development teams work to incorporate security into their development processes, issues like Cross-Site Scripting (XSS), Session Hijacking, and Clickjacking continue to plague many commonly used applications.

See how these vulnerabilities actually work and see live demos showing how various OWASP proects and tools can be used to mitigate common attacks.

Using an interactive approach that solicits audience participation, developers and architects will learn how to proactively prevent attacks from occurring and stop hackers from exploiting their applications.

Presenters:

• Frank Kim - SANS Institute
  Frank Kim is a security leader with 17 years of experience in information security, risk management, and enterprise IT. He has a passion for developing security strategies and building teams focused on practical solutions to business risks. He currently serves as the curriculum lead for application security at the SANS Institute and is the author and an instructor for the Secure Coding in Java course. Frank is a frequent public speaker at security, software development, and leadership events around the world.

Links:

• https://owaspappsecusa2014.sched.com/event/Nvwq3l/modern-web-application-defense-with-owasp-tools
• https://www.youtube.com/watch?v=monT4F7Cpto

Similar Presentations:

• AppSec USA 2017 / Leveraging the ASVS in the Secure SDLC
• LocoMocoSec 2019 / Building Secure API's and Web Applications: Secure Coding with Aloha Training
• Black Hat USA 2019 / Shifting Knowledge Left: Keeping up with Modern Application Security