Difference between revisions of "Web Application Security"

From haecksen
== Web Application Security - Find the Flaw, or Someone Else Will Do ==

by Victoria Polzer

Short description:

Extensive information on web application security mistakes (and how to avoid them) has been available for quite a while. Yet many web applications still come with flaws that are often easy to find and exploit. The currently hyped AJAX will probably increase the number of buggy applications, since it invites programmers to entrust critical tasks like input validation and access control to the browser - thereby making it easy for malicious users to bypass these checks.

This talk will provide a short overview of how web applications work and then discuss the most common security flaws and attacks (e.g. SQL Injection and Cross Site Scripting). It also presents methods and tools that can be used to test for these issues.

Revision as of 16:45, 21 October 2007