Beyond Blind Defense: Gaining Insights from Proactive AppSec

September 26, 2016

As application security continues to evolve, defenders gain more effective and varied tools for strengthening it. Two such tools, the browser-side web standards Content Security Policy (CSP) and HTTP Public Key Pinning (HPKP), not only act as added layers of defense but also give insight into common failure cases and classes of attacks, such as cross-site scripting and man-in-the-middle attacks.

Watch a brief discussion of the benefits of CSP and HPKP, followed by a deeper look at how reporting works with both of these standards, what insights can be gained through CSP and HPKP reporting, and special considerations for those considering implementation of both of these standards in either monitoring or blocking mode.
