Difference between revisions of "Front Range OWASP Conference 2013/Presentations/TopTen"

(Created page with "===Top Ten Web Application Defenses=== We cannot 'firewall' or 'patch' our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer...")
 
 
[[Media:Manico.pdf | Slides]]
[https://vimeo.com/68091564 Video]

Latest revision as of 17:49, 11 June 2013

Top Ten Web Application Defenses

We cannot 'firewall' or 'patch' our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day.

Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently.

This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.

[[Media:Manico.pdf | Slides]] | [https://vimeo.com/68091564 Video]