Explore client-side security headers and their role in mitigating vulnerabilities like Man-In-The-Middle attacks, Clickjacking, XSS, MIME-Type sniffing, and Data Caching in this conference talk from AppSecUSA 2014. Learn about key security headers including Strict-Transport-Security, X-Frame-Options, X-XSS-Protection, Content-Security-Policy, and X-Content-Type-Options, along with their configuration options. Discover the newly released open-source Security Header Injection Module (SHIM) for ASP.NET, designed to easily implement these headers in web applications. Presented by Aaron Cure and Eric Johnson, experienced security consultants from Cypress Data Defense, this 39-minute talk provides valuable insights into enhancing client-side security for developers and security professionals.
Client-side Security with the Security Header Injection Module (SHIM)
Overview
Syllabus
Clientside security with the Security Header Injection Module SHIM - OWASP AppSecUSA 2014
Taught by
OWASP Foundation
Related Courses
-
Web Application Penetration Testing: Client-side Testing
-
OWASP AppSecUSA 2014 - Builders Track Sessions
-
HTTP Security Headers You Need To Have On Your Web Apps
-
Modern Web Application Defense with OWASP Tools
-
Enhancing ReactJS Application Security: Cross-Site Scripting and Client-Side Defense
-
Boosting the Security of Angular Applications
