Web security: OWASP project, CSRF threat and solutions.


In a society in where we can all see an exponential growth in hacking attacks, this presentation raises awareness of web security vulnerabilities, what web developers can do to protect their web applications and which tools are available to ease the task.
In particular, I'm going to provide an overview on the OWASP top ten vulnerabilities, then focusing on CSRF (Cross-Site Request Forgery) attack, showing how it works, the impacts it can have, and how it is possible to prevent it.
Finally, I will briefly describe the OWASP LAPSE project, a useful Eclipse plugin for detecting vulnerabilities in Java EE applications.


Slides (External URL)

Session details
Speaker(s): Session Type: Experience level:
Track: Tags:
Schedule info
Session Time Slot(s):
Seminarraum 5 - Thursday, October 30, 2014 - 13:30 to 14:05