Join Jim Manico for a 30-minute live training session presented in a friendly classroom environment. Book your seat today and step up your secure coding game!
Join us for an training session where we unravel some of the web's most overlooked yet critical security vulnerabilities. Our talk is crafted for developers, security professionals, and anyone keen on understanding and fortifying web security. This session is especially relevant for those involved in secure coding and application security.
Our agenda includes:
Out-of-Band Resource Load (HTTP) Discover the risks of loading resources from external sources. Understand how out-of-band resource loading can lead to security vulnerabilities like data leakage, mixed content issues, and potential for third-party malicious content injection.
Server-Side Template Injection Delve into the world of server-side template injection. Learn how attackers exploit template engines to inject malicious code, leading to Remote Code Execution (RCE), data exposure, or cross-site scripting (XSS). We will discuss preventive measures and secure coding practices to mitigate these risks.
Password Submitted Using GET Method Uncover the dangers of submitting passwords using the GET method in HTTP requests. Understand how this practice leads to security breaches like exposing credentials in URLs, server logs, and browser history. Explore secure alternatives and best practices for handling sensitive data transmission.
Sensitive File(s) Disclosure Explore how improper access controls and security misconfigurations lead to unintended sensitive file disclosure. Learn about the methods to identify and secure sensitive files, and understand the importance of robust access control mechanisms.
Bonus Content:
On-demand access to class recordings >> You can share with your internal team
A comprehensive courseware package >> Get actionable examples, best practices, and resources
