Name: Securing a web (site/app/api): hands on!
Start: 2020-01-28T19:00:00-05:00
End: 2020-01-28T21:00:00-05:00
Location: Agilicus Incorporated

Didn't get a lot of comments on topics.
This is one i've been working on for a bit, covered in recent vid and blog https://www.agilicus.com/assess-web-security/

I will go through how one assess a web app/api/site for security. How to harden it, showing some of the tools.

I will then show some of the complex things you can do w/ a Web Application Firewall (WAF) using resty-lua-waf (https://github.com/p0pr0ck5/lua-resty-waf) as an examplke, if you are stuck with a weak app and no way to fix its code.

Topics:

- Content-Security-Policy
- XSS-*
- Cross Origin Request Sharing
- HTTP Strict Transport Security
- TLS setup
- DNS CAA

Feel free to open https://observatory.mozilla.org/analyze/www.rbcroyalbank.com and be amazed @ the score of 0/100 (F).

Don Bowman

Waterloo Technology Chautauqua

Technology

Linux

Open Source

Software Development

Web Technology

Big Data

Computer Programming

Professional Development

New Technology

Cloud Computing

Business Strategy

Securing a web (site/app/api): hands on!

Agilicus Incorporated

Share

Waterloo Technology Chautauqua

Securing a web (site/app/api): hands on!

Waterloo Technology Chautauqua

Details

Members are also interested in