Injecting Security Into Web Apps With Runtime Patching And Context Learning

nullcon via YouTube

Overview

Explore cutting-edge web application security techniques in this 55-minute conference talk from nullcon Goa 2017. Delve into Runtime Application Self Protection (RASP) and learn how to implement runtime patching algorithms to secure vulnerable applications against code injection and other logical issues. Discover methods for preventing SQL injection, remote command execution, cross-site scripting, and more through dynamic rule generation and context-aware protection. Compare RASP to traditional Web Application Firewalls (WAFs) and understand its advantages in tackling modern AppSec challenges like session hijacking, Layer 7 DDoS, and credential stuffing. Gain insights into the future of runtime protection and its potential to defend against zero-day vulnerabilities affecting framework and language components.

Syllabus

Intro
AGENDA: WHAT THE TALK IS ABOUT?
STATE OF WEB FRAMEWORK SECURITY: Remote OS Command Execution - No
APPLICATION SECURITY RULE OF THUMB
RUNTIME APPLICATION SELF DEFENCE
TYPES OF RASP
FOCUS OF RESEARCH
MONKEY PATCHING
LEXICAL ANALYSIS AND TOKEN GENERATION
PREVENTING CODE INJECTION VULNERABILITIES
REMOTE OS COMMAND INJECTION HOOK
REMOTE OS COMMAND INJECTION PROTECT
PREVENTING HEADER INJECTION
FILE UPLOAD PROTECTION
PREVENTING PATH TRAVERSAL
THE RASP ADVANTAGES
BIGGEST ADVANTAGE

Taught by

nullcon
