Modern Web Application Defense with OWASP Tools
Frank Kim at AppSec USA 2014
    To address security defects developers typically resort to fixing design flaws and security bugs directly in the code. Finding and fixing security defects can be a slow, painstaking, and expensive process. While development teams work to incorporate security into their development processes, issues like Cross-Site Scripting (XSS), Session Hijacking, and Clickjacking continue to plague many commonly used applications.
See how these vulnerabilities actually work and see live demos showing how various OWASP proects and tools can be used to mitigate common attacks.
Using an interactive approach that solicits audience participation, developers and architects will learn how to proactively prevent attacks from occurring and stop hackers from exploiting their applications.
Speaker
Frank Kim
SANS Institute
Frank Kim is a security leader with 17 years of experience in information security, risk management, and enterprise IT. He has a passion for developing security strategies and building teams focused on practical solutions to business risks. He currently serves as the curriculum lead for application security at the SANS Institute and is the author and an instructor for the Secure Coding in Java course.
See how these vulnerabilities actually work and see live demos showing how various OWASP proects and tools can be used to mitigate common attacks.
Using an interactive approach that solicits audience participation, developers and architects will learn how to proactively prevent attacks from occurring and stop hackers from exploiting their applications.
Speaker
Frank Kim
SANS Institute
Frank Kim is a security leader with 17 years of experience in information security, risk management, and enterprise IT. He has a passion for developing security strategies and building teams focused on practical solutions to business risks. He currently serves as the curriculum lead for application security at the SANS Institute and is the author and an instructor for the Secure Coding in Java course.