SlideShare une entreprise Scribd logo

Web security

Télécharger en tant que PPTX, PDF
Kaushal Bhavsar
Kaushal Bhavsar

This

Technologie
1  sur  15
What, Why, How
“We have a firewall and our servers are patched. We don’t need security.”
 More than 200,000 Linkedin passwords were cracked in July 2012.  More than 400,000 Yahoo passwords were cracked in the same month.
It doesn’t happen overnight.
 Password Breach  Data Theft  Reputation Loss
Security for Websites Before Coding While Coding After Coding
Security for Websites Before Coding While Coding After Coding
 Make a Security Risk Analysis  Prepare a Threat Model  Educate(!) Developers
 Run Code Reviews  Perform White Box security testing
 Run a vulnerability assessment and penetration test.
 The real thing starts when your website is out for the world to taste!
 Deploy a web application firewall  Perform periodic penetration tests  Run proactive monitoring  Report Anomalies to Developers!
 Founded in 2009  Kaushal Bhavsar, pursuing PhD in Computer Security, is the founder & CEO  Team of background-checked enthusiastic security researchers with strong morals and ethics  Continuously researching…
 Web Application Firewall using Net Canine WAF  Proactive Website Monitoring using Net Canine Monitoring System  Security Consulting  Vulnerability Assessment and Penetration Testing Leave your security tension upon us 
For more details, contact kaushal@pratikar.com or our website www.pratikar.com

Recommandé

Web application security
Web application securityWeb application security
Web application securityAkash Mahajan
 
Web Application Security - DevFest + GDay George Town 2016
Web Application Security - DevFest + GDay George Town 2016Web Application Security - DevFest + GDay George Town 2016
Web Application Security - DevFest + GDay George Town 2016Gareth Davies
 
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift Bunty Madan
 
How secure is your website?
How secure is your website?How secure is your website?
How secure is your website?Ian Grey
 
Building secure android apps
Building secure android appsBuilding secure android apps
Building secure android appsKaushal Bhavsar
 
Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
How to-become-secure-and-stay-secure
How to-become-secure-and-stay-secureHow to-become-secure-and-stay-secure
How to-become-secure-and-stay-secureIIMBNSRCEL
 
Layered API Security: What Hackers Don't Want You To Know
Layered API Security: What Hackers Don't Want You To KnowLayered API Security: What Hackers Don't Want You To Know
Layered API Security: What Hackers Don't Want You To KnowAaronLieberman5
 

Recommandé

Web application security
Web application securityWeb application security
Web application securityAkash Mahajan
 
Web Application Security - DevFest + GDay George Town 2016
Web Application Security - DevFest + GDay George Town 2016Web Application Security - DevFest + GDay George Town 2016
Web Application Security - DevFest + GDay George Town 2016Gareth Davies
 
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift Bunty Madan
 
How secure is your website?
How secure is your website?How secure is your website?
How secure is your website?Ian Grey
 
Building secure android apps
Building secure android appsBuilding secure android apps
Building secure android appsKaushal Bhavsar
 
Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
How to-become-secure-and-stay-secure
How to-become-secure-and-stay-secureHow to-become-secure-and-stay-secure
How to-become-secure-and-stay-secureIIMBNSRCEL
 
Layered API Security: What Hackers Don't Want You To Know
Layered API Security: What Hackers Don't Want You To KnowLayered API Security: What Hackers Don't Want You To Know
Layered API Security: What Hackers Don't Want You To KnowAaronLieberman5
 
Your internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerableYour internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerableIIMBNSRCEL
 
Phishing past mail protection controls using azure information
Phishing past mail protection controls using azure informationPhishing past mail protection controls using azure information
Phishing past mail protection controls using azure informationOddvar Moe
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantRobert Crane
 
ZeroNights2013 testing of password policy
ZeroNights2013 testing of password policyZeroNights2013 testing of password policy
ZeroNights2013 testing of password policyAnton Dedov
 
Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Ammar Hasayen
 
Where To Start When Your Environment is Fucked
Where To Start When Your Environment is FuckedWhere To Start When Your Environment is Fucked
Where To Start When Your Environment is FuckedAmanda Berlin
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesPotato
 
Securely logging to Microsoft 365
Securely logging to Microsoft 365Securely logging to Microsoft 365
Securely logging to Microsoft 365Robert Crane
 
Mobile Application Security Code Reviews
Mobile Application Security Code ReviewsMobile Application Security Code Reviews
Mobile Application Security Code ReviewsDenim Group
 
Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010Adi Mazor Kario
 
Security Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in SkypeSecurity Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in SkypeKelum Senanayake
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Robert Crane
 
Securing Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 InvestmentsSecuring Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 InvestmentsChris Bortlik
 
Ca partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milanoCa partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milanoCA Technologies Italia
 
Privacy security
Privacy securityPrivacy security
Privacy securityhanjunxian
 
Inner Security Ltd
Inner Security LtdInner Security Ltd
Inner Security Ltdinnersecurity
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework
 
Protecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwordsProtecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwordsBunmi Sowande
 
Secure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 CharlotteSecure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 CharlotteMike Brannon
 
Barcamp presentation at Ahmedabad
Barcamp presentation at AhmedabadBarcamp presentation at Ahmedabad
Barcamp presentation at Ahmedabadpriyal parikh
 
Developing the Windows Phone User Experience
Developing the Windows Phone User ExperienceDeveloping the Windows Phone User Experience
Developing the Windows Phone User ExperienceKaushal Bhavsar
 

Contenu connexe

Tendances

Your internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerableYour internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerableIIMBNSRCEL
 
Phishing past mail protection controls using azure information
Phishing past mail protection controls using azure informationPhishing past mail protection controls using azure information
Phishing past mail protection controls using azure informationOddvar Moe
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantRobert Crane
 
ZeroNights2013 testing of password policy
ZeroNights2013 testing of password policyZeroNights2013 testing of password policy
ZeroNights2013 testing of password policyAnton Dedov
 
Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Ammar Hasayen
 
Where To Start When Your Environment is Fucked
Where To Start When Your Environment is FuckedWhere To Start When Your Environment is Fucked
Where To Start When Your Environment is FuckedAmanda Berlin
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesPotato
 
Securely logging to Microsoft 365
Securely logging to Microsoft 365Securely logging to Microsoft 365
Securely logging to Microsoft 365Robert Crane
 
Mobile Application Security Code Reviews
Mobile Application Security Code ReviewsMobile Application Security Code Reviews
Mobile Application Security Code ReviewsDenim Group
 
Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010Adi Mazor Kario
 
Security Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in SkypeSecurity Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in SkypeKelum Senanayake
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Robert Crane
 
Securing Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 InvestmentsSecuring Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 InvestmentsChris Bortlik
 
Ca partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milanoCa partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milanoCA Technologies Italia
 
Privacy security
Privacy securityPrivacy security
Privacy securityhanjunxian
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRJürgen Ambrosi
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework
 
Protecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwordsProtecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwordsBunmi Sowande
 
Secure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 CharlotteSecure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 CharlotteMike Brannon
 

Tendances (20)

Your internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerableYour internet-exposure-that-makes-you-vulnerable
Your internet-exposure-that-makes-you-vulnerable
 
Phishing past mail protection controls using azure information
Phishing past mail protection controls using azure informationPhishing past mail protection controls using azure information
Phishing past mail protection controls using azure information
 
How to get deeper administration insights into your tenant
How to get deeper administration insights into your tenantHow to get deeper administration insights into your tenant
How to get deeper administration insights into your tenant
 
ZeroNights2013 testing of password policy
ZeroNights2013 testing of password policyZeroNights2013 testing of password policy
ZeroNights2013 testing of password policy
 
Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019
 
Where To Start When Your Environment is Fucked
Where To Start When Your Environment is FuckedWhere To Start When Your Environment is Fucked
Where To Start When Your Environment is Fucked
 
Web appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practicesWeb appsec and it’s 10 best SDLC practices
Web appsec and it’s 10 best SDLC practices
 
Securely logging to Microsoft 365
Securely logging to Microsoft 365Securely logging to Microsoft 365
Securely logging to Microsoft 365
 
Mobile Application Security Code Reviews
Mobile Application Security Code ReviewsMobile Application Security Code Reviews
Mobile Application Security Code Reviews
 
Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010Wizard UI Consulting Projects 2010
Wizard UI Consulting Projects 2010
 
Security Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in SkypeSecurity Risks & Vulnerabilities in Skype
Security Risks & Vulnerabilities in Skype
 
Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365Thr30117 - Securely logging to Microsoft 365
Thr30117 - Securely logging to Microsoft 365
 
Securing Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 InvestmentsSecuring Governing and Protecting Your Office 365 Investments
Securing Governing and Protecting Your Office 365 Investments
 
Ca partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milanoCa partner day - cloud e mobile security - milano
Ca partner day - cloud e mobile security - milano
 
Privacy security
Privacy securityPrivacy security
Privacy security
 
Inner Security Ltd
Inner Security LtdInner Security Ltd
Inner Security Ltd
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPRIdentity and Data protection with Enterprise Mobility Security in ottica GDPR
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud Scale
 
Protecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwordsProtecting your online identity - Managing your passwords
Protecting your online identity - Managing your passwords
 
Secure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 CharlotteSecure Your Cloud Migration - Secureworld 2019 Charlotte
Secure Your Cloud Migration - Secureworld 2019 Charlotte
 

En vedette

Barcamp presentation at Ahmedabad
Barcamp presentation at AhmedabadBarcamp presentation at Ahmedabad
Barcamp presentation at Ahmedabadpriyal parikh
 
Developing the Windows Phone User Experience
Developing the Windows Phone User ExperienceDeveloping the Windows Phone User Experience
Developing the Windows Phone User ExperienceKaushal Bhavsar
 
The vibrant startup challenge entry by Pratikar
The vibrant startup challenge entry by PratikarThe vibrant startup challenge entry by Pratikar
The vibrant startup challenge entry by PratikarKaushal Bhavsar
 
Landing page optimization techniques
Landing page optimization techniquesLanding page optimization techniques
Landing page optimization techniquespriyal parikh
 
Instagram extension setup in Magento framework
Instagram extension setup in Magento frameworkInstagram extension setup in Magento framework
Instagram extension setup in Magento frameworkKetan Raval
 
Html5 Offline Applications
Html5 Offline Applications Html5 Offline Applications
Html5 Offline Applications Sunny Sharma
 
Attacking Web Applications
Attacking Web ApplicationsAttacking Web Applications
Attacking Web ApplicationsSasha Goldshtein
 
Why? A meditative PPT for Entrepreneurs..
Why? A meditative PPT for Entrepreneurs..Why? A meditative PPT for Entrepreneurs..
Why? A meditative PPT for Entrepreneurs..Alok Rodinhood Kejriwal
 
Keynote - Devfest 2015 organized by GDG Ahmedabad
Keynote - Devfest 2015 organized by GDG AhmedabadKeynote - Devfest 2015 organized by GDG Ahmedabad
Keynote - Devfest 2015 organized by GDG AhmedabadKetan Raval
 
How Linkedin uses Gamification to improve its Business!
How Linkedin uses Gamification to improve its Business!How Linkedin uses Gamification to improve its Business!
How Linkedin uses Gamification to improve its Business!Alok Rodinhood Kejriwal
 
Java Presentation
Java PresentationJava Presentation
Java Presentationaitrichtech
 
Exploring erp and gis integration
Exploring erp and gis integrationExploring erp and gis integration
Exploring erp and gis integrationJinal Patel
 

En vedette (20)

Barcamp presentation at Ahmedabad
Barcamp presentation at AhmedabadBarcamp presentation at Ahmedabad
Barcamp presentation at Ahmedabad
 
Developing the Windows Phone User Experience
Developing the Windows Phone User ExperienceDeveloping the Windows Phone User Experience
Developing the Windows Phone User Experience
 
Beautiful data
Beautiful dataBeautiful data
Beautiful data
 
Net canine
Net canineNet canine
Net canine
 
The vibrant startup challenge entry by Pratikar
The vibrant startup challenge entry by PratikarThe vibrant startup challenge entry by Pratikar
The vibrant startup challenge entry by Pratikar
 
Requirements for IoT platform technology
Requirements for IoT platform technologyRequirements for IoT platform technology
Requirements for IoT platform technology
 
Education 2.0
Education 2.0Education 2.0
Education 2.0
 
Landing page optimization techniques
Landing page optimization techniquesLanding page optimization techniques
Landing page optimization techniques
 
Instagram extension setup in Magento framework
Instagram extension setup in Magento frameworkInstagram extension setup in Magento framework
Instagram extension setup in Magento framework
 
Womens report final_for_print
Womens report final_for_printWomens report final_for_print
Womens report final_for_print
 
Html5 Offline Applications
Html5 Offline Applications Html5 Offline Applications
Html5 Offline Applications
 
The Copycat Monkeys
The Copycat MonkeysThe Copycat Monkeys
The Copycat Monkeys
 
Attacking Web Applications
Attacking Web ApplicationsAttacking Web Applications
Attacking Web Applications
 
Why? A meditative PPT for Entrepreneurs..
Why? A meditative PPT for Entrepreneurs..Why? A meditative PPT for Entrepreneurs..
Why? A meditative PPT for Entrepreneurs..
 
NoSQL Basics and MongDB
NoSQL Basics and MongDBNoSQL Basics and MongDB
NoSQL Basics and MongDB
 
Keynote - Devfest 2015 organized by GDG Ahmedabad
Keynote - Devfest 2015 organized by GDG AhmedabadKeynote - Devfest 2015 organized by GDG Ahmedabad
Keynote - Devfest 2015 organized by GDG Ahmedabad
 
CBArchitect
CBArchitectCBArchitect
CBArchitect
 
How Linkedin uses Gamification to improve its Business!
How Linkedin uses Gamification to improve its Business!How Linkedin uses Gamification to improve its Business!
How Linkedin uses Gamification to improve its Business!
 
Java Presentation
Java PresentationJava Presentation
Java Presentation
 
Exploring erp and gis integration
Exploring erp and gis integrationExploring erp and gis integration
Exploring erp and gis integration
 

Similaire à Web security

Web application security
Web application securityWeb application security
Web application securityAkash Mahajan
 
Web application security
Web application securityWeb application security
Web application securityAkash Mahajan
 
Mitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsMitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsKim Jensen
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012DaveEdwards12
 
Testing Application Security: The Hacker Psyche Exposed
Testing Application Security: The Hacker Psyche ExposedTesting Application Security: The Hacker Psyche Exposed
Testing Application Security: The Hacker Psyche ExposedTechWell
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security NinjaPaul Gilzow
 
ONE Conference: Vulnerabilities in Web Applications
ONE Conference: Vulnerabilities in Web ApplicationsONE Conference: Vulnerabilities in Web Applications
ONE Conference: Vulnerabilities in Web ApplicationsNetcetera
 
Vikas Jain Past Work
Vikas Jain Past WorkVikas Jain Past Work
Vikas Jain Past WorkVikas Jain
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Workshop content adams
Workshop content adamsWorkshop content adams
Workshop content adamsSiddharth
 
Why 'positive security' is a software security game changer
Why 'positive security' is a software security game changerWhy 'positive security' is a software security game changer
Why 'positive security' is a software security game changerJaap Karan Singh
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Web Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationWeb Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationTjylen Veselyj
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Moshe Ferber
 
Web 2.0 security woes
Web 2.0 security woesWeb 2.0 security woes
Web 2.0 security woesSensePost
 
Detection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsDetection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsInvincea, Inc.
 
Get Ready for Web Application Security Testing
Get Ready for Web Application Security TestingGet Ready for Web Application Security Testing
Get Ready for Web Application Security TestingAlan Kan
 
How Does a Data Breach Happen?
How Does a Data Breach Happen? How Does a Data Breach Happen?
How Does a Data Breach Happen? Claranet UK
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goMichael Furman
 

Similaire à Web security (20)

Web application security
Web application securityWeb application security
Web application security
 
Web application security
Web application securityWeb application security
Web application security
 
Mitigating Web 2.0 Threats
Mitigating Web 2.0 ThreatsMitigating Web 2.0 Threats
Mitigating Web 2.0 Threats
 
Top Application Security Trends of 2012
Top Application Security Trends of 2012Top Application Security Trends of 2012
Top Application Security Trends of 2012
 
Testing Application Security: The Hacker Psyche Exposed
Testing Application Security: The Hacker Psyche ExposedTesting Application Security: The Hacker Psyche Exposed
Testing Application Security: The Hacker Psyche Exposed
 
Become a Security Ninja
Become a Security NinjaBecome a Security Ninja
Become a Security Ninja
 
ONE Conference: Vulnerabilities in Web Applications
ONE Conference: Vulnerabilities in Web ApplicationsONE Conference: Vulnerabilities in Web Applications
ONE Conference: Vulnerabilities in Web Applications
 
Vikas Jain Past Work
Vikas Jain Past WorkVikas Jain Past Work
Vikas Jain Past Work
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Workshop content adams
Workshop content adamsWorkshop content adams
Workshop content adams
 
Javacro 2014 Spring Security 3 Speech
Javacro 2014 Spring Security 3 SpeechJavacro 2014 Spring Security 3 Speech
Javacro 2014 Spring Security 3 Speech
 
Why 'positive security' is a software security game changer
Why 'positive security' is a software security game changerWhy 'positive security' is a software security game changer
Why 'positive security' is a software security game changer
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Web Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combinationWeb Application Firewall (WAF) DAST/SAST combination
Web Application Firewall (WAF) DAST/SAST combination
 
Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...Surviving the lions den - how to sell SaaS services to security oriented cust...
Surviving the lions den - how to sell SaaS services to security oriented cust...
 
Web 2.0 security woes
Web 2.0 security woesWeb 2.0 security woes
Web 2.0 security woes
 
Detection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day ThreatsDetection and Analysis of 0-Day Threats
Detection and Analysis of 0-Day Threats
 
Get Ready for Web Application Security Testing
Get Ready for Web Application Security TestingGet Ready for Web Application Security Testing
Get Ready for Web Application Security Testing
 
How Does a Data Breach Happen?
How Does a Data Breach Happen? How Does a Data Breach Happen?
How Does a Data Breach Happen?
 
Passwords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to goPasswords are passé. WebAuthn is simpler, stronger and ready to go
Passwords are passé. WebAuthn is simpler, stronger and ready to go
 

Plus de Kaushal Bhavsar

Introduction to IP telephony & VoIP
Introduction to IP telephony & VoIP Introduction to IP telephony & VoIP
Introduction to IP telephony & VoIP Kaushal Bhavsar
 
Introduction to Cloud Computing and Windows Azure
Introduction to Cloud Computing and Windows AzureIntroduction to Cloud Computing and Windows Azure
Introduction to Cloud Computing and Windows AzureKaushal Bhavsar
 
Marketing 2.0 - Targeting mobile users using QR codes
Marketing 2.0 - Targeting mobile users using QR codesMarketing 2.0 - Targeting mobile users using QR codes
Marketing 2.0 - Targeting mobile users using QR codesKaushal Bhavsar
 
Effective Search via Google.
Effective Search via Google. Effective Search via Google.
Effective Search via Google. Kaushal Bhavsar
 

Plus de Kaushal Bhavsar (7)

Introduction to IP telephony & VoIP
Introduction to IP telephony & VoIP Introduction to IP telephony & VoIP
Introduction to IP telephony & VoIP
 
Introduction to Cloud Computing and Windows Azure
Introduction to Cloud Computing and Windows AzureIntroduction to Cloud Computing and Windows Azure
Introduction to Cloud Computing and Windows Azure
 
Satark
SatarkSatark
Satark
 
Azure mobile services
Azure mobile servicesAzure mobile services
Azure mobile services
 
Presentation zen
Presentation zenPresentation zen
Presentation zen
 
Marketing 2.0 - Targeting mobile users using QR codes
Marketing 2.0 - Targeting mobile users using QR codesMarketing 2.0 - Targeting mobile users using QR codes
Marketing 2.0 - Targeting mobile users using QR codes
 
Effective Search via Google.
Effective Search via Google. Effective Search via Google.
Effective Search via Google.
 

Dernier

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 

Dernier (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Web security

  • 2. “We have a firewall and our servers are patched. We don’t need security.”
  • 3.  More than 200,000 Linkedin passwords were cracked in July 2012.  More than 400,000 Yahoo passwords were cracked in the same month.
  • 4. It doesn’t happen overnight.
  • 5.  Password Breach  Data Theft  Reputation Loss
  • 6. Security for Websites Before Coding While Coding After Coding
  • 7. Security for Websites Before Coding While Coding After Coding
  • 8.  Make a Security Risk Analysis  Prepare a Threat Model  Educate(!) Developers
  • 9.  Run Code Reviews  Perform White Box security testing
  • 10.  Run a vulnerability assessment and penetration test.
  • 11.  The real thing starts when your website is out for the world to taste!
  • 12. Deploy a web application firewall  Perform periodic penetration tests  Run proactive monitoring  Report Anomalies to Developers!
  • 13.  Founded in 2009  Kaushal Bhavsar, pursuing PhD in Computer Security, is the founder & CEO  Team of background-checked enthusiastic security researchers with strong morals and ethics  Continuously researching…
  • 14.  Web Application Firewall using Net Canine WAF  Proactive Website Monitoring using Net Canine Monitoring System  Security Consulting  Vulnerability Assessment and Penetration Testing Leave your security tension upon us 
  • 15. For more details, contact kaushal@pratikar.com or our website www.pratikar.com