Minimal effort web application security (a.k.a. how to make my job harder)

A talk from EMF 2014 by Graham Sutherland

On Sunday August 31, 2014 in Stage C

In this talk I will present a few quick tips on making your web applications more resistant to common attack vectors, without putting a lot of effort in. In some cases, simply adding a line to a configuration file can completely prevent entire classes of attack from being viable. We'll take a look at hardening against XSS, SQL injection, clickjacking, password cracking, and a few other bits if there's time. With any luck, you'll make my job a bit more difficult.