other: Application security screw-ups, vintage of 2019
This talk will show some application security problems that while untreated, can result in various levels of compromise. Mostly everyone focuses on the OWASP Top 10, which is in larger sense true and valid, but commonly, far more problematic attacks happen from either lower hanging fruit or vulnerabilities that can be easily mitigated.
Let's explore a few things like XSS, authentication, authorization and see what kind of stuff can attackers and defenders can do in this space to make life hard for the other party :)
Start time: 14:15
- Threat Hunting Workshop