Explore the latest changes in the OWASP Top 10 with security expert Bill Sempf in this 50-minute conference talk from BSides Cleveland 2018. Gain insights into critical web application security risks, including injection attacks, broken authentication, sensitive data exposure, and access control issues. Learn about emerging threats such as XML external entity attacks and insecure deserialization. Discover the importance of proper security configuration, addressing known vulnerabilities, and implementing sufficient logging practices. Watch a live demonstration and leave with a comprehensive understanding of the evolving cybersecurity landscape.
Overview
Syllabus
Intro
Who am I
What is OS
What Happened
Injection
Broken Authentication
Sensitive Data Exposure
Access Control
Security Configuration
Crosssite scripting
Known vulnerabilities
Speed of development
XML externa
Insecure deserialization
Insufficient logging
Demo
Wrap Up
