
Build but don't break: Lessons in Implementing HTTP Security Headers

  • Feb 26, 2014 · 6:00 PM

Hi all,

This is a fully remote meeting. Check the WebEx info. For those that can't make it, we'll be sending out the fully recorded audio/video after the meeting date. Thanks.


ABSTRACT: Content Security Policy is a new standard from the W3C that aims to help stop a mainstay of the OWASP Top 10, cross-site scripting (XSS). The problem faced by many major sites today is how to craft a working content security policy that works for already existing applications. We will discuss real-world techniques to simplify policy generation and testing, as well as discuss what changes are coming in CSP version 1.1. I will also discuss additional security headers such as X-Frame-Options to stop clickjacking and HTTP Strict Transport Security to stop man-in-the-middle attacks.

********************WebEx INFO**********************

Meeting information
Topic: Build but don't Break - OWASP ATL Feb Meeting
Date: Wednesday, February 26, 2014
Time: 6:00 pm, Eastern Standard Time (New York, GMT-05:00)
Meeting Number:[masked]
Meeting Password: OWASPATL2014

To start or join the online meeting
Go to

Audio conference information
Call-in toll number (US/Canada):[masked]

Having trouble dialing in? Try these backup numbers:
Call-in toll number (US/Canada):[masked]
Global call-in numbers:

Access code:[masked]


Our Sponsors

  • MailChimp

    Food, Location, and Financial Support! Thanks MailChimp!

  • VerSprite

    Meetup site sponsor for 2014 and WebEx sponsor for remote meetings.

  • Checkmarx

    Financial Sponsorship of ATL Chapter
