Video: Beyond The OWASP Top 10

 

We’ve all heard of the OWASP Top 10—it is the standard first reference we give web developers who are interested in making their applications more secure. It is also the categorization scheme we apply to web vulnerabilities in our pentest reports. But surely there is more to web application security than the OWASP Top 10, right?

In this talk, recently given at NolaCon 2017, our Senior Security Researcher, Aaron Hnatiw, discusses three vulnerabilities that don’t quite fit into the OWASP Top 10 categories but are just as dangerous if present in a web application. Both developers and pentesters can benefit from Aaron’s talk, as he covers both exploits and mitigations for each of the three vulnerabilities.

https://youtu.be/g6EKAyRI8kE

Follow Aaron Hnatiw on Twitter @insp3ctre.

 

 
