Top Ten Web Defenses presented at RochesterSecuritySummit 2014

by Jim Manico,

Summary : We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought network security practices and corporate policies were enough. Most every organization in the world have something in common – they have had websites compromised in some way. No company or industry is immune. Today’s agile web applications are being pushed with new code almost daily. Scanning these web applications via one time penetration test is an outdated and ineffective way to protect your fast paced environment. Attacks on prominent, well-protected websites are occurring every day. Jim will review the top techniques security professionals need to master in order to build a low-risk, high-security web application.