Every web developer should know about typical attacks such as SQL Injection, Cross-Site Request Forgery, or Cross-Site Scripting. And even though those risks still exist, the bad guys worked on finding new twists to old attacks, or even find new kinds of vulnerabilities on a web site. In this session, we will show and discuss several of those new vectors, including attacks against Angular applications, Clickjacking, abusing external links, XSS via file uploads, and a few more. Technology never stops to evolve, so it’s crucial to stay on top of current developments.


Comments are closed.

Jos Elstgeest at 14:21 on 25 Jan 2020

Great talk, every time you think you've caught up with security issues, someone comes along and wakes you from your blissful slumber and makes you realize you have work to do on security.

Great speaker, great energy, nothing mind blowing but a fun talk to watch. A great refresher

Jarno lasseel at 13:58 on 26 Jan 2020

A good speaker and a good talk, clear and informative. Allot of practical tips and things to do / worry about. Also a great reminder that security is a never ending task

So much of web security is same-old same-old, and the OWASP top 10 never changes much - but Christian provides a sharp reminder of how to avoid being complacent while keeping us all awake in a high-speed, entertaining, and light-hearted style.