Skip to main content

Attacking Web Applications

Sasha Goldshtein (Sela Group)
Front End Libraries, HTML5, CSS3, and Browser Tech, The Server Side
Location: Salon 8 Level: Intermediate
Average rating: ****.
(4.81, 26 ratings)
Slides:   1-PDF 

Workshop Prerequisites

There are no prerequisites for attendees.

Workshop Description

To secure web applications, you must adopt the mindset of the attacker. Attackers usually look for easy intrusion vectors in web applications, but if they decide to focus on your application, they will find esoteric issues as well. In this session we’ll review common attacks on web applications: SQL injection, cross-site scripting (XSS), broken authentication, cross-site request forgery, information disclosure, and insecure password storage. Finally, we will see how to secure web applications against these attacks.

Photo of Sasha Goldshtein

Sasha Goldshtein

Sela Group

Sasha Goldshtein is the CTO of Sela Group and a Microsoft C# MVP. He specializes in mobile application development, performance optimization, and production debugging. Sasha is the author of “Pro .NET Performance” (Apress) and “Introducing Windows 7 for Developers” (Microsoft Press), as well as numerous training courses. He is a frequent conference speaker and a prolific blogger.

Comments on this page are now closed.


Picture of Sasha Goldshtein
Sasha Goldshtein
03/11/2014 8:43am PDT

Of course! Thank you for coming.

The slides are here:

(unfortunately, SlideShare doesn’t support HTTPS yet ;-))

Marcelo Siqueira
03/11/2014 8:32am PDT

Hi Sasha, can you post the links for the presentation and the sites you showed?