Web applications are under constant attack, and intrusions and data breaches are on the rise. Though attacks can be complex and sophisticated, many of the most common vulnerabilities are straightforward to observe and exploit.
In this presentation, Tony Porterfield will describe ways for users without extensive security experience to test for common vulnerabilities in web applications using only a browser and free software tools. These techniques will be illustrated with examples of actual vulnerabilities that he has observed while testing educational web applications. He will present a test plan that can be used to survey a site’s security in a short amount of time, and describe how it relates to the OWASP ASVS and Top 10 list.
Participants will learn how to test for and discover vulnerabilities including
Participants will learn about free software and websites that can be used to evaluate security, including:
Tony Porterfield is a software engineer with 20 years of experience in the computer and networking industries. A parent of two, he is a strong advocate for improving the security and privacy of web applications used by children and students.
His web app security findings have been published in the New York Times and Mother Jones, and he was a panelist at the 2014 Common Sense Media School Privacy Zone Summit in Washington DC.