By Eoin Woods
With more and more services becoming Internet facing, web application security is now a problem for most of us. In response to this, the OWASP security community have been working for years to catalogue, understand and prioritise common web application vulnerabilities, published as the “OWASP Top 10 List” which has recently been updated for the 2017 revision (the previous version being the 2013 edition).
What many security practitioners find amazing is how stable the content of the list is, with the same vulnerabilities being introduced into systems again and again, over many years. In this session we will review the 2017 OWASP Top 10 list to understand the vulnerabilities and dig into the implementation details of some of the more important of them to identify practical mitigations for them in our own applications.