You are all aware of what are XSS vulnerabilities; do you know what's Clickjacking? You have probably heard of Root Certificate compromission; do you know the principle of a protocol downgrade attack? You're coming to SymfonyCon because you are HTTP application developers and I will present you awesome HTTP headers that will help you to mitigate these kind of attacks, just using W3C WebAppSec recommendations.

Comments

Comments are closed.

Rated 3

Tom ate at 15:53 on 2 Dec 2016

Hard to follow.

Rated 2

Jens Hassler at 15:59 on 2 Dec 2016

Couldn't really follow. Maybe it was too late.

Rated 3

Steve Winter at 16:03 on 2 Dec 2016

Content was interesting and useful, but the presentation was hard to follow.

Rated 4

Hans Krentel at 16:05 on 2 Dec 2016

Nice presentation, nice accent, would love to see the slides linked b/c of the many resources this topic has.

Rated 4

Grzegorz Kawka at 16:05 on 2 Dec 2016

Very interesting topic and nice presentation but little hard to follow

Rated 4

Asmir Mustafic at 16:12 on 2 Dec 2016

good presentation. still to become more confident, but it's just practice. liked it

Quite interesting

Interesting topic, well covered and presented.

Rated 2

Ilia Petriaev at 17:11 on 2 Dec 2016

Interesting topic, but the presentation was weak.

I was presented with bunch of headers that will help me to secure my customers from XSS attacks. Thats about it. This was good to know info. Easy to follow and understand. Thank you!

It was a bit too hard to follow towards the end. Maybe they should have fit in this talk somtime in the morning. The topic itself is quite interesting in my point of view.

Rated 3

Cesar at 08:21 on 3 Dec 2016

Content waa interesting but hard to follow

Rated 3

Vasily Rodin at 14:44 on 3 Dec 2016

Really difficult to understand. Maybe more examples from real life, like with last github attack?

hard to follow.

Rated 5

E Ciotti at 00:25 on 6 Dec 2016

A talk should either teach something not obvious, or inspire. This talk achieved the former.
I give a 5 stars to counterbalance the other votes. The quantity of the content fit well the timeslot and was reasonably well explained considering the needed tech-detailed jargon