Description: In this video, Jon Are Rakvåg talks about application security: understanding your code and making it secure against crackers or hackers.
As applications grow and mature to become a natural and integral part of business, government and society as a whole, so do the demands for application security. Often ill-defined and often poorly understood by decision makers, it is nevertheless critical for any internet-facing system.
Application security is no longer optional. It can no longer be an afterthought. It cannot be addressed by adding another box to the server room. It cannot be outsourced, nor can it easily be retrofitted. Security must be designed and built into mission-critical applications from the beginning, and the only people in a position to do this are the ones building them. Luckily, the basics of application security are surprisingly simple.
In this introductory talk, we'll look into what every application developer needs to know about security, regardless of whether you see yourself as a backend or frontend person, or what language you prefer. We'll look into the basic forms of the most common threats and mitigations in some detail, in order to assist you in recognizing where problems may occur, what might happen, against whom and in what circumstances. And most importantly: how to best address them in your own applications. This will include subjects such as important security patterns, injection attacks, cross-site scripting, cross-site request forgery and session hijacking.
The talk will focus on concrete examples, demonstrating both the issues and important tools and techniques for the responsible developer.
Jon Are Rakvåg
Jon Are Rakvåg took his MSc at the Selmer Institute for Secure and Reliable Communication at the University of Bergen. After starting off as an information security consultant, he made the switch to full-time developer (and security geek) at Capgemini Norge AS, and is currently working for SpareBank 1. He is a Certified Information Systems Security Professional (CISSP) and a member of the Norwegian Open Web Application Security Project (OWASP) chapter.
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.
Original Source: http://vimeo.com/49305645