Proxy Caches and Web Application Security: Using the Recent Google Docs 0-Day as an Example
Tim Bass, CISSP, Chapter Leader, OWASP Thailand, +66832975101, tim@unix.com
OWASP Worldwide Community, www.owasp.org

My Contact Info and Web Places
- LinkedIn: www.linkedin.com/in/timbass
- The UNIX and Linux Forums: www.unix.com
- ACIS Professional Center: www.acisonline.net
- The (ISC)2 Blog: blog.isc2.org
- The CEP Blog: www.thecepblog.com
- Email: [email_address]
- Mobile, Thailand: +66832975101
Our Agenda

OWASP Top 10 2007
1. Cross Site Scripting (XSS)
2. Injection Flaws
3. Malicious File Execution
4. Insecure Direct Object Reference
5. Cross Site Request Forgery (CSRF)
6. Information Leakage and Improper Error Handling
7. Broken Authentication and Session Management
8. Insecure Cryptographic Storage
9. Insecure Communications
10. Failure to Restrict URL Access

Brief OWASP Top 10 Review: 7. Broken Authentication and Session Management
OWASP has many web application security tools, papers and guides, all free for you to use!
Screenshots from the Google Docs incident (images not reproduced):
- GoogleDocs account before
- A typical day in GoogleDocs
- GoogleDocs account after
- Mr. Wodnizki says: "I deleted all …."
- Google teamwork
- Google says: "We've fixed the code….."
Proxy Caches are a Serious Everyday Threat
Caches are the threat. Bad code is the flaw.
Developers Must Assume a Full-Time Proxy Cache Threat Exists
For example, a session ID issued to a client stays valid until it is abandoned and expires. If it is delivered in the response to an unencrypted HTTP GET request, there is no guarantee that only the intended browser will consume it: any shared cache on the path may store that response, Set-Cookie header included, and serve it to the next client that requests the same URL.
Ideally, proxy caches would never cache session management cookies or hand cached cookies to multiple clients, but they can and do. A response that sets a session cookie must therefore carry Cache-Control: no-store (or at least private); the developer cannot rely on the cache to do the right thing on its own.
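The leak described above, played out in a simulated shared proxy cache. This is an added example, not code from the presentation or from Google: the application, the /docs path, the users and their document names are constructed, the proxy keys its store on the URL alone (as a cache without Vary: Cookie does), and the storage rule is a reduction of RFC 7234 to the directives that matter here. The "aggressive" mode models the very aggressive proxy the slides refer to, which stores every successful GET regardless of headers.

```python
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple
import secrets

# Constructed sample data: what each authenticated user is entitled to see.
DOCS = {"alice": ["Q3 budget.xls", "board-minutes.doc"], "bob": ["recipes.txt"]}

@dataclass
class Response:
    status: int
    headers: List[Tuple[str, str]]
    body: str

    def get_all(self, name: str) -> List[str]:
        return [v for k, v in self.headers if k.lower() == name.lower()]

    def cache_directives(self) -> Set[str]:
        """Cache-Control directive names only (max-age=600 becomes 'max-age')."""
        return {t.strip().split("=")[0].lower()
                for v in self.get_all("Cache-Control") for t in v.split(",")}

def shared_cache_may_store(resp: Response) -> bool:
    """RFC 7234 storage rules reduced to what matters for a shared cache.
    Set-Cookie by itself does not forbid caching; only no-store/private do."""
    cc = resp.cache_directives()
    if "no-store" in cc or "private" in cc:
        return False
    if cc & {"public", "max-age", "s-maxage"} or resp.get_all("Expires"):
        return True
    # No explicit freshness: RFC 7234 4.2.2 lets a cache assign a heuristic
    # lifetime to a 200 response, usually derived from Last-Modified.
    return bool(resp.get_all("Last-Modified"))

def make_origin(hardened: bool):
    """The web application. The client is taken as already authenticated (a login
    over HTTPS, say); only the caching headers on the session response vary."""
    sessions: Dict[str, str] = {}  # session id -> user

    def origin(path: str, cookies: Dict[str, str], principal: str) -> Response:
        sid = cookies.get("SID")
        headers = [("Content-Type", "text/html")]
        if sid not in sessions:
            sid = secrets.token_hex(8)
            sessions[sid] = principal
            headers.append(("Set-Cookie", f"SID={sid}; Path=/; HttpOnly"))
        if hardened:
            headers.append(("Cache-Control", "no-store"))  # the fix
        else:
            headers.append(("Last-Modified", "Mon, 09 Mar 2009 10:00:00 GMT"))
        user = sessions[sid]
        return Response(200, headers, f"{user}: " + ", ".join(DOCS[user]))
    return origin

class ProxyCache:
    """Shared forward proxy keyed on the URL alone (no Vary: Cookie). aggressive=True
    models the presentation's very aggressive proxy: it stores every 200 to a GET."""
    def __init__(self, origin, aggressive: bool = False) -> None:
        self.origin, self.aggressive = origin, aggressive
        self.store: Dict[str, Response] = {}
        self.origin_hits = 0

    def get(self, path: str, cookies: Dict[str, str], principal: str) -> Response:
        if path in self.store:
            return self.store[path]  # replayed verbatim, Set-Cookie included
        resp = self.origin(path, cookies, principal)
        self.origin_hits += 1
        if resp.status == 200 and (self.aggressive or shared_cache_may_store(resp)):
            self.store[path] = resp
        return resp

class Browser:
    def __init__(self, name: str) -> None:
        self.name, self.jar = name, {}

    def visit(self, proxy: ProxyCache, path: str) -> str:
        resp = proxy.get(path, self.jar, self.name)
        for sc in resp.get_all("Set-Cookie"):  # plain cookie jar, attributes ignored
            k, v = sc.split(";")[0].split("=", 1)
            self.jar[k.strip()] = v.strip()
        return resp.body

def run_scenario(hardened: bool, aggressive: bool) -> Dict[str, object]:
    """alice loads /docs; bob then loads the same URL through the same proxy."""
    proxy = ProxyCache(make_origin(hardened), aggressive)
    alice, bob = Browser("alice"), Browser("bob")
    alice_sees, bob_sees = alice.visit(proxy, "/docs"), bob.visit(proxy, "/docs")
    return {"alice_sees": alice_sees, "bob_sees": bob_sees,
            "shared_session": alice.jar.get("SID") == bob.jar.get("SID"),
            "origin_hits": proxy.origin_hits}

if __name__ == "__main__":
    for case in ((False, False), (True, False), (True, True)):
        print("hardened=%s aggressive=%s -> %s" % (*case, run_scenario(*case)))
```

Three cases are worth comparing. With the misconfiguration (no Cache-Control, a Last-Modified header that invites heuristic caching), bob's browser receives alice's SID and her document list straight from the cache, and the origin is never asked about bob at all. With Cache-Control: no-store, a standards-conforming shared cache refuses to store the response and bob gets his own session. With the aggressive proxy the directive is ignored and the leak returns, which is why the next slide insists on TLS between the browser and the application: a proxy that only ever sees ciphertext has nothing to cache.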
SSL is Critical, But Not Foolproof
For example, web developers may fail to set the Secure attribute on the cookie (shown in some tools as the "Encrypted Sessions Only" property), so the browser will also send it over plain HTTP. An incorrectly configured "secure" server can likewise issue its HTTPS session cookie in an unencrypted response, in the open, where a proxy cache can store it.
Testing Scenario: Single Server, Single Cache
Simple test scenario (HTTP and HTTPS): several web clients, one very aggressive proxy cache, one web server.

Testing Scenario: Test Third-Party Web Apps
The same layout with a third-party application as the server (Google Docs, for illustrative purposes only) and your own very aggressive proxy cache between it and your web clients. Anyone can build and test against their own aggressive proxy!
Some Takeaways of this Presentation
This means that all risk-critical web applications should be tested end to end against an aggressive proxy cache, to ensure that criminals cannot exploit a basic configuration of the Internet. This is huge.
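A header audit a tester can run over responses captured behind such a proxy, covering the two mistakes the slides describe: a session cookie set without the Secure attribute or issued over plain HTTP, and a Set-Cookie response that a shared cache is allowed to store. This is an added example, not code from the presentation; the two sample responses are constructed, and the regular expression used to guess which cookies carry a session is an assumption that should be tuned to the application under test.

```python
import re
from typing import List, Tuple

# Assumption: cookie names that usually carry an authenticated session.
SESSION_NAME = re.compile(r"sess|sid|auth|token|login", re.IGNORECASE)

def parse_head(raw: str) -> Tuple[str, List[Tuple[str, str]]]:
    """Split a raw HTTP response head into (status line, [(name, value), ...])."""
    lines = raw.strip().splitlines()
    headers = []
    for line in lines[1:]:
        if not line.strip():
            break
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return lines[0].strip(), headers

def audit_response(scheme: str, raw: str) -> List[str]:
    """scheme is 'http' or 'https' as the client requested it; returns findings."""
    _status, headers = parse_head(raw)
    findings: List[str] = []
    cache_control = {d.strip().split("=")[0].lower()
                     for k, v in headers if k.lower() == "cache-control"
                     for d in v.split(",")}
    set_cookies = [v for k, v in headers if k.lower() == "set-cookie"]
    for sc in set_cookies:
        name = sc.split("=", 1)[0].strip()
        attrs = {a.strip().split("=")[0].lower() for a in sc.split(";")[1:]}
        if scheme == "http" and SESSION_NAME.search(name):
            findings.append(f"{name}: session cookie issued over plain HTTP")
        if "secure" not in attrs:
            findings.append(f"{name}: missing Secure attribute, browser will send it over HTTP")
        if "httponly" not in attrs:
            findings.append(f"{name}: missing HttpOnly attribute")
    if set_cookies and not ({"no-store", "private"} & cache_control):
        findings.append("Set-Cookie response lacks Cache-Control: no-store (or private); "
                        "a shared cache may store and replay it")
    return findings

# Constructed sample responses, not captured from any real site.
WEAK = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: SID=7c1d2e3f4a5b6c7d; Path=/
Last-Modified: Mon, 09 Mar 2009 10:00:00 GMT
"""

HARDENED = """HTTP/1.1 200 OK
Content-Type: text/html
Set-Cookie: SID=7c1d2e3f4a5b6c7d; Path=/; Secure; HttpOnly
Cache-Control: no-store
Pragma: no-cache
"""

if __name__ == "__main__":
    for label, scheme, raw in (("weak", "http", WEAK), ("hardened", "https", HARDENED)):
        print(label, audit_response(scheme, raw) or ["no findings"])
```

Feed it the response heads your proxy logged, together with the scheme the client actually used. The hardened response passes over HTTPS; the same response over plain HTTP is still flagged, because a Secure cookie handed out on an unencrypted connection has already been exposed to every cache on the path, whatever attributes it carries.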