Tuesday, April 20, 2010

Securing Web Applications



Securing Web Services - Presentation Transcript
  1. Securing Web Applications. Tara Kissoon, CISA, CISSP, Visa Inc.
  2. Objectives. The participant will learn more about: How to integrate OWASP Top 10 to mitigate Web application security vulnerabilities.
  3. What is an application? An application:
     – Defined as user software
     – Is made up of a number of files, including configuration files, executable programs and data files.
     – Is layered above an operating system and uses the functionality of the operating system to deliver its service.
     – The operating system provides a number of mechanisms used for securing the application.
     – Contains security functionality that uses mechanisms not residing within the operating system.
  4. This presentation is on Web Services Security, pointing at almost all of the fields that require attention for web application security. It shows how to effectively manage the application development lifecycle and how to integrate the Top 10 OWASP projects to develop any application with security in mind.

    A1 - Cross Site Scripting (XSS)

    A2 - Injection Flaws

    A3 - Malicious File Execution

    A4 - Insecure Direct Object Reference

    A5 - Cross Site Request Forgery (CSRF)

    A6 - Information Leakage and Improper Error Handling

    A7 - Broken Authentication and Session Management

    A8 - Insecure Cryptographic Storage

    A9 - Insecure Communications

    A10 - Failure to Restrict URL Access
