Developer's guide to preventing XSS


Fresh from OWASP NZ Day 2017 (, we bring you this talk:


An introductory talk on cross site scripting, targeted towards webapp developers and QA engineers. Common methods of identifying the issue, as well as prevention and mitigation will be shown in this demo-heavy presentation.

Speaker Bio

Felix works in the product security space at an online accounting software company named Xero. He joined in 2014 and his day job involves securing and breaking internally developed products. Before Xero he spent his previous years as a developer, and has been dabbling in the information security scene in Wellington.


A livestream of the talk will be on youtube shortly after 6pm at this url: