One important concept in web application security is defense in depth. You protect your server, your network, your database and your application, but what about the user browser? Can it be done? Yes! Several new technologies and protocols to assist security has been added to the browsers. Several should be added, activated and configure from your web server or web page. In this presentation we will explore these technologies and learn how to use them. You'll learn about the Robots meta tags (for crawlers indexing), Browsing Compatibility, XSS and Clickjaking Protection, SSL/TLS Control, and Content Security Policy.


Comments are closed.

Lots of great information on a very important topic, security. I am looking forward to going back over the slides and links to learn more about how to secure my web applications. Thank you!

A lot of good security information that I had never seen before. Unfortunately the language barrier made it somewhat difficult for me to follow and keep up on.
I think there was too much information to cover in the time slot. I don't think removing information would be an ideal solution, but maybe breaking it into a two part talk would be helpful.

Derek Binkley at 13:22 on 25 Sep 2017

This talk contained a lot of great information about content security policies. I will bookmark the slides because they will be very useful as a reference. I think the talk could have been better presented with examples based upon concepts first and use that to explain the many different options available. I did learn a lot and will be rethinking my approach on my next server setup.