In this session, you’ll learn about the top 10 security risks in web applications and, with demos, how REST backends and rich JavaScript applications map to these risks. Current and upcoming countermeasures include new HTTP headers, double submit cookies, and escaping input client-side to avoid DOM-based XSS. We’ll look at each of these, discuss the techniques you’ll want to add to your developer toolbox, and show how to build reasonable security processes into an agile team environment.
Duration: 42:2
John Wilander
John Wilander is a frontend software developer at Svenska Handelsbanken, the second strongest bank in the world according to Bloomberg Markets. He has been researching and working in application security for ten years and recently organized the OWASP Browser Security sessions in Portugal, with participants from the security teams behind Chrome, Firefox, Internet Explorer, Flash, and PayPal. During his years in academia he was elected best computer science teacher twice and nowadays gives 5-10 professional talks per year.
