2021 OWASP Top 10: Server Side Request Forgery - Ep10

Presented by

John Wagnon, Solutions Architect, F5

About this talk

SSRF flaws occur when a web app fetches a remote resource without validating the user-supplied URL. Attackers can coerce the app to send a request to an unexpected destination—even if it’s secured by a firewall, VPN, or other network access control list (ACL).

Protect Your Web Apps from New and Critical Risks

The OWASP Top 10 is a broad consensus about the most critical security risks to web applications. The 2021 update gives guidance to help secure modern web applications and architectures from exploits, abuse, and misconfiguration, as well as recommendations for mitigating new risks involving software supply chains, CI/CD pipelines, and open source software.

Watch the 2021 OWASP Top 10 Lightboard Lesson series for a breakdown of the new OWASP Top 10 and learn:

• How OWASP creates its Top 10 list of the most critical security risks to web applications.
• Key changes for 2021, including recategorization of risk to align symptoms to root causes.
• When each risk can manifest, why it matters, and how to improve your security posture.

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. OWASP maintains a variety of projects, including the Top 10 web application security risks standard awareness document for developers and security practitioners.

F5 application services ensure that applications are always secure and perform the way they should—in any environment and on any device. F5 EMEA hosts webinar series on the latest IT industry trends around app services and security, so please stay tuned to this channel to get the latest information. To learn more about F5, visit f5.com or follow @F5_EMEA on Twitter.