This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Front Range OWASP Conference 2013/Presentations/TopTen

From OWASP
Revision as of 00:53, 10 March 2013 by Mark Major (talk | contribs) (Created page with "===Top Ten Web Application Defenses=== We cannot 'firewall' or 'patch' our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Top Ten Web Application Defenses

We cannot 'firewall' or 'patch' our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day.

Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently.

This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.

Retrieved from "https://wiki.owasp.org/index.php?title=Front_Range_OWASP_Conference_2013/Presentations/TopTen&oldid=147320"