We’ve all heard of the OWASP Top 10- it is the standard first reference we give web developers who are interested in making their applications more secure. It is also the categorization scheme we give to web vulnerabilities on our pentest reports. But surely there is more to web application security than the OWASP Top 10, right? In this talk, we will discuss 5 vulnerabilities that don’t quite fit into the OWASP Top 10 categories, but are just as dangerous if present in a web application. Both developers and pentesters will benefit from this talk, as both exploits and mitigations will be covered for each of the 5 vulnerabilities.

Details:

Date: Sunday - May 18
Time: 11:00
Length: minutes
Location: Grand Ballroom D

Speakers:

Aaron Hnatiw

Aaron Hnatiw is a Senior Security Researcher for Security Compass, an information security advisory firm specializing in …