Overview
Explore modern security standards and cut through confusing acronyms in this comprehensive conference talk from NDC Security 2018. Dive into powerful features that can quickly boost security and simplify implementation. Learn about Content Security Policy (CSP), including basic policy creation, fine-tuning, additional directives, testing, and reporting. Examine the XSS Auditor and its policy values. Understand HTTP Strict Transport Security (HSTS) directives and how to create an effective STS policy. Discover strategies to combat rogue certificates and explore new DNS records. Gain valuable insights from security expert Scott Helme on enhancing web application security and streamlining development processes.
Syllabus
Intro
Content Injection
A basic policy
Fine tuning
Additional CSP Directives
Testing CSP
CSP Reporting
XSS Auditor
Policy Values
Without HSTS
STS Directives
An STS Policy
Rogue Certificates
A New DNS Record
Taught by
NDC Conferences