AppSec Blog

Free AppSec Webcasts

Here are some recent appsec webcasts for your viewing pleasure:

- Web Application Threats: Combining XSS and CSRF to own the world!
Kevin Johnson covers Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF). Specifically, "how they can be used to exploit users and applications, how to find them and what their combined power can accomplish."

- Innovation in Application Security: Application Risk Management
John Sapp discusses "business critical application security trends and the need for comprehensive approaches to secure software development" including coverage of what "application attacks are most prevalent now, the importance of the secure development lifecycle (SDL), and cost-effective methods to implement a program-level commitment to security throughout the SDL."

- Trust and Verify: Securing Client Side Code in Web Services Oriented Applications
Johannes covers new threats and mitigation strategies architects and developers need to be aware when "a variety of different web services using client side scripting languages like flash or javascript" are used and "services are not authenticated and messages with critical content are forwarded without sufficient protection."

Post a Comment


* Indicates a required field.