Web application security has become one of the top concerns of online businesses. While firewalls and IPSs are getting more sophisticated and more successful at keeping the bad guys out, web applications still seem to be the Achilles' heel of network security. Also, because most web apps use custom code bases, the chances of security bugs creeping in are much higher. The OWASP Foundation has compiled a list of the top 10 vulnerabilities in web applications:
A1 - Cross Site Scripting (XSS)
A2 - Injection Flaws (SQL and Command)
A3 - Malicious File Execution
A4 - Insecure Direct Object Reference
A5 - Cross Site Request Forgery (CSRF)
A6 - Information Leakage and Improper Error Handling
A7 - Broken Authentication and Session Management
A8 - Insecure Cryptographic Storage
A9 - Insecure Communications
A10 - Failure to Restrict URL Access
In this video series, Barry Dorrans, an MVP, discusses the OWASP Top 10 and shows demos to illustrate each vulnerability. Countermeasures and secure coding guidelines are also mentioned, but they concentrate solely on the ASP.NET platform. The video is very elaborate in its coverage and is a good watch for web hackers in general and ASP.NET developers in particular. Thanks to Edge UG for posting these on Vimeo. Enjoy!
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.