Jim Manico, founder of Manicode Security and Oliver Lavery, VP of Research at IMMUNIO
In this webinar, Jim Manico and Oliver Lavery address how application security is approached today, and how it can be improved, using the common vulnerability Cross Site Scripting (XSS) as an example. Today, application security is often left to developers with the idea that they will simply write perfect code that follows compliance regulations and has perfect functionality, and therefore there will be no security vulnerabilities or issues. Unfortunately, not only is this idea resource intensive and expensive, it is impossible. There will be errors in the code. XSS, for example, is a known vulnerability, but still afflicts 80% of web apps. Jim explains what a XSS attack is, how it is carried out, and potential effects.
Read more >
Oliver Lavery will contend that there is a way for applications to secure themselves from vulnerabilities such as XSS by leveraging the commonality of applications: the frameworks they are built on. Building security measures into the framework at the application layer allows for internal access to the state of the app and requires no code changes or resources. Then demonstrate an HTML XSS attack to show that securing apps via their frameworks allows you to automate the process of learning proper code structure to determine if a change in that structure in future renderings is an attack that can be blocked.
You will learn:
What is Cross Site Scripting (XSS)
How are XSS attacks executed, and what are the ramifications
How can your app defend itself from and XSS attack
How building security measures into an apps framework can mitigate code vulnerabilities
How to secure your app without changing your code or deadline