6 Application Security Design Patterns You Should Know

This is a past event

52 people attended

Floragasse 7 · Wien

How to find us

Take the elevator to the 5th floor, ring at "SBA Research"


Many well-known security vulnerabilities in web and mobile applications could be easily avoided if they were already accounted for in the design phase. Often enough, changing the application on the architecture level late in the development phase is cumbersome and results in overly complicated and barely maintainable solutions.

In this Meetup, we'll have a look at 6 application security design patterns that, if considered early, will make your life easier in terms of securing your application. Here are some of the goals that can be achieved with the discussed patterns:

- Easier centralized session and access management
- Mitigation of CSRF without the hassle of anti-CSRF tokens
- Making the integration of a Content Security Policy a breeze
- Effective defense in depth against missing object-level access control
- Mitigating arbitrary entity field overwrites by design
- Mitigating excessive data exposure by design
- Mitigating DoS through systematic user lock-out
- Device and session lists
- Notifications upon a login from a new device
- And more!

18:00: Gathering
18:15: Talk "6 Application Security Design Patterns You Should Know" by Thomas Konrad
19:00: Q&A
19:15: Drinks, snacks, discussions, socializing!