New hacks and leaks in web applications are reported almost daily, which is why the importance of security is no longer seriously disputed by anyone. At the same time, there is often a lack of direct reference to existing risks in day-to-day development and security activities are subordinated to other tasks.
This presentation uses specific vulnerabilities and successful exploits to highlight the relevance of security measures in web development projects. Based on the OWASP Top Ten, specific security incidents will be explained, the errors identified and how they can be avoided.
Using real vulnerabilities, participants learn how they can avoid them themselves. Whether unsecured APIs, incorrect use of JWTs, poorly designed authentication processes or the use of hacked libraries: practical examples are used to illustrate the relevance of web security activities