Practical Security for Web Applications (extended session) - Chris Holland - TriNet - OS101

preview_player
Показать описание
Chris Holland, Director of Engineering at TriNet, delivered the extended (90 minutes) talk "Practical Security for Web Applications" at Open Source 101 on Tuesday, March 30, 2021.

Abstract:
Explore effective methods to identify & avoid the most common and devastating security pitfalls in Web Applications.

When it comes to an enterprise’s exposure to security vulnerabilities, one could easily argue that its web presence is by far its greatest threat. There are many ways to build vulnerable applications and a few effective ways to “build them right”. We’ll instrument you to stay on the right side of this equation.

Basic Resources and Tooling
—————————–
We’ll look at the OWASP Top 10
Open-Source Code Analysis for your CI/CD
Open-Source Security Scanning
Low-level Threat Avoidance
—————————-
Avoiding SQL Injections
Dangers of not properly using an ORM
NoSQL injections
Avoiding CSRF
Avoiding XSS
Data Scrubbing
Data Rendering
Application Threat Avoidance
—————————–
User Authentication / Password Hashing
OAuth Security
Resource Access
Multi-Tenancy: Users & Companies

Chris on the internets:
  1. All Things Open
  2. Open Source
  3. All Things Open
  4. Software
  5. Technology
Рекомендации по теме
Practical Security for 0:59:17

Practical Security for Web Applications - Chris Holland

Practical Security in 0:52:07

Practical Security in Web Applications | Chris Holland

Practical Security for 1:42:07

Practical Security for Web Applications (extended session) - Chris Holland - TriNet - OS101

Application Security 101 0:08:05

Application Security 101 - What you need to know in 8 minutes

Practical Security in 1:12:09

Practical Security in Web Applications / Chris Holland (TriNet)

Web App Vulnerabilities 1:28:49

Web App Vulnerabilities - DevSecOps Course for Beginners

Practical Web Application 0:26:01

Practical Web Application Security - Part 1 - SQL Injection Attacks and Defenses [Hacksplaining]

Practical Security in 1:12:14

Practical Security in Web Applications / Chris Holland (TriNet)

Live Hacking: TryHackMe 2:37:17

Live Hacking: TryHackMe - Web Application Pentesting - Part 1 | AMA

Securing modern web 0:06:18

Securing modern web applications

Practical Web Application 0:09:54

Practical Web Application Security & Testing | By Asecurity

Practical Tips for 0:35:43

Practical Tips for Defending Web Applications in the Age of DevOps

Learn Application Security 0:05:53

Learn Application Security in 5 Minutes | EC-Council CASE (Certified Application Security Engineer)

How to Prepare 0:09:17

How to Prepare for The Practical Web Penetration Tester Exam

Ethical Hacking 101: 2:47:57

Ethical Hacking 101: Web App Penetration Testing - a full course for beginners

Best Practice in 0:00:11

Best Practice in Web App Security

Practical Web Application 1:36:05

Practical Web Application Penetration Testing | Web Application Security #penetrationtesting

Zane Lackey - 0:53:07

Zane Lackey - Practical tips for web application security in the age of agile and DevOps

Common Security Risks 0:33:29

Common Security Risks in Web Applications and How to Reduce Them

Practical tips for 0:53:07

Practical tips for web application security

The only Web 0:05:54

The only Web Security Site Practice List you will ever need

Basic Web Applications 1:03:28

Basic Web Applications Security - Grzegorz Goławski - code::dive 2018

Practical Approach of 1:31:31

Practical Approach of Application Security and Understanding on OWASP Top 10

Practical Example of 0:05:48

Practical Example of Web Application Security | THM Series: Introduction to Cyber Security #3