The Open Web Application Security Project (OWASP) curates a list of the top ten security risks for web applications and how to mitigate them. The ever-changing world of web development created a challenge for the 2017 list, which needs to combine both existing approaches and modern trends in web development. This talk will look at each item in the list from a PHP perspective, demonstrate what can go wrong, and make sure that this won't happen in our websites.

The Open Web Application Security Project (OWASP) curates a list of the top ten application security risks for web applications. It is a great place to start when developing a strong security stance for your application and team. Security is an ever-changing world and it's important to keep up to date with modern trends in mitigating vulnerabilities.

With the attendees, we will look at each item in the list, and show:
- How to detect the risk in your own code
- How to patch or prevent the risk
- Practical resources for taking further actions to protect your stack

Comments


Nathan Pelton at 22:46 on 24 Oct 2019

Thank you very much for going over these. I already knew about some of these, but your specific fixes for them will be very helpful, for example disabling certain dangerous PHP functions that you probably aren't using.