Security Sins and their Solutions

Abstract

The talk will cover the most insidious security vulnerabilities in Java Web and EE applications, with practical demonstrations of how these vulnerabilities are exploited and recommendations on how to prevent them. For each vulnerability, the threat it poses will be explained first in theory and then through demonstration, and finally strategies for mitigating the flaw will be introduced. The talk will conclude with a discussion about integrating security at every step of the development life cycle.

  • Introduction
  • The Sins:
      • SQL injection
      • Cross-Site Scripting
      • Unauthenticated Transactions
      • Misplaced trust
  • Towards a Secure Software Development Lifecycle
      • Secure design
      • Secure development
      • Security testing
  • Conclusion
  • Q&A
