Explore the case for runtime protection in web application and API security in this 51-minute LASCON conference talk. Examine why traditional OWASP recommendations have not significantly improved application security over the past 20 years. Learn how runtime protection can inoculate applications against common vulnerabilities like SQL injection and unsafe deserialization without changing development practices. Discover how this approach replicates the success of Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) in dramatically increasing the difficulty of exploiting vulnerabilities. Delve into the implementation details, benefits, and potential impact of runtime protection on application security programs and security culture.
Overview
Syllabus
Invited - Jeff Williams - The Case for Runtime Protection
Taught by
LASCON
Related Courses
-
Popular Approaches to Preventing Code Injection Attacks are Dangerously Wrong
-
Injecting Security Into Web Apps With Runtime Patching And Context Learning
-
Fixing the Unfixable: Solving Pervasive Vulnerabilities with RASP
-
Jumpstarting Your DevSecOps Pipeline with IAST and RASP
-
Exploit Mitigation Improvements in Windows 8
-
Securing Backend Applications - OWASP Recommendations
