On-Demand Webcast with Ultimate Windows Security & Rapid7
Web application security is complex for a number of reasons.
First of all, there's a wide variety of components involved, including browsers, web servers, and database servers.
There’s potential for vulnerabilities every step of the way and bad guys often exploit subtle combinations of these technologies operating on different planes of execution.
Take for instance SQL Injection.
The vulnerability affects the database but the mitigation must be implemented in the server-side web application.
Some threats are easy for non-developers to understand and mitigate – such as missing patches or security misconfigurations. But, many web application threats are deeply rooted in the code and architecture of the application itself and are a challenge to understand without coding knowledge and insight into how modern web applications work.
The non-profit OWASP Foundation is focused on web application security and they maintain a free, well-researched and technical document valuable to this discussion: OWASP Top 10 - The Ten Most Critical Web Application Security Risks, which is updated each year. But it can be difficult to use this document if you aren’t an active web developer.
Join us for our on-demand webcast where we will review the current OWASP Top 10 with the goal of helping technical infosec pros who aren’t web developers to understand each risk and provide a road map of what it takes to determine if the web applications at your organization are vulnerable.
Application Security Specialist
Ultimate Windows Security