Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Modern Web Application Defense with OWASP Tools

OWASP Foundation via YouTube

Overview

Explore modern web application defense techniques using OWASP tools in this 40-minute conference talk from AppSecUSA 2014. Dive into common vulnerabilities like Cross-Site Scripting (XSS), Session Hijacking, and Clickjacking, and learn how to mitigate them effectively. Witness live demonstrations of OWASP projects and tools in action, and discover proactive strategies to prevent attacks and protect applications. Gain insights into Contextual Output Encoding, Content Security Policy, Strict-Transport-Security, and Cross-Site Request Forgery (CSRF) defenses. Participate in an interactive session designed for developers and architects to enhance their understanding of practical security solutions and risk mitigation techniques.

Syllabus

Cross-Site Scripting (XSS)
Contextual Output Encoding
Content Security Policy
CSP Requirements
CSP Directives
CSP Examples
Strict-Transport-Security
X-Frame-Options
Using Secure Headers
Cross-Site Request Forgery (CSRF)
OWASP 1-Liner
Normal JSON Message
CSRF Attack Form
Forged JSON Message
CSRF Defense
CSRFGuard JSP Tags
CSRFGuard DOM Manipulation

Taught by

OWASP Foundation

Reviews

Start your review of Modern Web Application Defense with OWASP Tools

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.