Security Testing on Web Applications - How to protect yourself and avoid getting owned presented at OWASP AppSecAsiaPac 2012

by Magno (logan) Rodrigues,

Tags: Security

Summary : "Web Applications are the number one threat for companies and organizations today. And that's why they need to be fully tested and validated before they go into production. In this presentation we'll show what are the highest risks for web applications and how to avoid them. The OWASP Top 10 and the CWE/SANS Top 25 will give us a broader view of the most common vulnerabilities in web applications. After that, we'll show how test and find these vulnerabilities in your own web applications following the OWASP Testing Guide, the OSSTMM and using free and open source tools provided by the community like Mantra, ZAP, etc. To finish we'd like to show developers some best practices on how to develop code by introducing them to the Developers Guide and the Securing Coding Practices as well as some other guides that would help them in developing better and safer applications."