Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

New Web Platform Security Features to Protect Modern Web Applications

OWASP Foundation via YouTube

Overview

Explore cutting-edge web platform security features designed to protect modern web applications in this 30-minute conference talk from OWASP Global AppSec Tel Aviv. Delve into the historical vulnerabilities that have plagued web applications, such as XSS, CSRF, and clickjacking, and discover exciting new security mechanisms available in 2019 web browsers. Learn how to effectively implement these features to safeguard your applications. Examine major threats based on an analysis of thousands of vulnerability reports received by Google through their Vulnerability Reward Program, identifying common themes among seemingly unrelated bugs. Focus on the most frequent high-risk problems and explore protective mechanisms implemented in modern browsers, including CSP3, Trusted Types, Fetch Metadata Request Headers, and CORP/COOP. Gain insights from Lukas Weichselbaum, a Staff Information Security Engineer at Google with over a decade of industry experience, as he shares his passion for securing web applications from common vulnerabilities.

Syllabus

Intro
Common Web Security Flaws
Isolation
Resource Isolation
Resource Isolation Example
CrossOrigin Opener Policy
CSP
TLDR

Taught by

OWASP Foundation

Reviews

Start your review of New Web Platform Security Features to Protect Modern Web Applications

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.