I spoke to LA C# User group last night in Pasadena on the topic of Web Application Security with OWASP.
The slide deck of my talk can be downloaded from here. LA C# OWASP Presentation
Links from the talk follow.
- Open Web Application Security Project
- IIS Lockdown tool
- Configuring SSL on IIS7
- Disabling the directory browing
- Preventing Cross-Site Request Forgery (CSRF) Attacks
- How to prevent Cross site scripting XSS using MVC 3
- CSRF Vulnerability in Twitter Allowed Hackers to Read DMs, Post Tweets
- U.S. Says Ring Stole 160 Million Credit Card Numbers
- DDoS and SQL injection are the most popular attack subjects
- FireHost Detects Surge in SQL Injection for Q3 2013 with Cross-Site Scripting Also Rising
- SQL Injection Blamed for New Breach
- Millions of LinkedIn passwords reportedly leaked online
- How Hackers Stole 200,000+ Citi Accounts Just By Changing Numbers In The URL