Peeling the Web Application Security Onion
Keith Mashinter, Noam Lorberbaum at BSidesSF 2020
Bruce Schneier said security is a process, not a destination. This talk focuses on web app security aspects in the browser, CDN or API Gateway, Static Content Servers, and Dynamic Web Services. It shows how you can better mitigate risks in the multi-layered security onion without tears or fears.