Web Application Security
Common web application security issues such as XSS, SQLi, code injection, command injection, file uploads, and data extraction. Real examples and vulnerabilities are presented, emphasizing the importance of maintaining operating systems and application software with appropriate updates.
Presentation Transcript
Web Application Security: A Concrete Discussion with Brad (brad@vt.edu)
Common Web App Security Issues: XSS, SQLi, Code Injection, Command Injection, File Uploads, Data Extraction
Some Examples Follow: The people are real. The vulnerabilities are real. The findings are final.
Manual Process: Expensive, Slow, Knowledge, Time, Motivation
Dorkbot Automation: All notifications will come from security@utexas.edu. All checks will come from autoscan.infosec.utexas.edu (146.6.15.11). You might see some manual verification from 146.6.193.0/24.
Closing Remarks: University Policy 7010: "Maintain the operating system and application software with appropriate updates." "Appropriate updates" means patches and updates that correct vulnerable code. Standard for Securing Web Technology Resources: https://it.vt.edu/resources/policies/index.html. Input validation is to developers what weak passwords are to users.