In a society where we can all see an exponential growth in hacking attacks, this presentation raises awareness of web security vulnerabilities, what web developers can do to protect their web applications, and which tools are available to ease the task.
In particular, I'm going to provide an overview of the OWASP Top Ten vulnerabilities, then focus on the CSRF (Cross-Site Request Forgery) attack, showing how it works, the impacts it can have, and how it is possible to prevent it.
Well, things have changed and in this presentation, you will see how the workflow used to deliver web applications has evolved over the past few years and where the Eclipse Foundation's tools stand in this new world!
Many web applications use form-based UIs for entering and modifying data. The development of these forms involves creating the layout of the corresponding page for the widgets (HTML and CSS), retrieving data from the server (e.g., RESTful API and JSON), binding the form’s widgets to the data (e.g., JSON and AngularJS) and pushing the results back to the server (e.g., RESTful API and JSON). All of these parts typically require manual effort.
Imagine your boss tells you to set up the cloud-infrastructure for a public trial system in three days. It should consist of isolated software labs where the trial users are able to execute their uploaded web applications. When a user joins the trial, a sandbox for his personal use should be created on-the-fly. In this sandbox he can access, manage, and monitor his latest application whenever he wants.
You think this is impossible? We thought the same :-)