HTTP Headers are MUST if the businesses care about Security. Some complain that they do not have the budget, but these little things don’t need a budget, but passion towards securing applications unless you are going with a deeper security assessment where it needs a specialist or an expert.
Most of the programmers and testers are not aware of HTTP Headers they can implement to mitigate deadly attacks such as Cross-Site Scripting, Clickjacking, MIME Sniffing attacks, Form Data HiJacking, Banners Revealing Sensitive Information etcetera.
Trust me, these just don’t take a lot of time to get right and build prevention mechanisms against certain types of dangerous vulnerabilities. Mind you, it doesn’t just apply to every variant of a specific attack but does surely help to strengthen the security wall.
This micro workshop is a demonstration based where two things will be spoken about:
1) What kind of attacks are we vulnerable to if we don’t use Secure HTTP Headers?
2) What needs to be done to mitigate security vulnerabilities by using these secure HTTP Headers?
We will have a lot of fun learning about HTTP Headers.
Key learning 1: Understand why HTTP Headers are important to your web applications?
Key learning 2: Learn how to implement these HTTP Headers in the right way?
Key learning 3: Mitigating attacks such as XSS, ClickJacking & other attacks.
Key learning 4: Get a perspective of how no secure HTTP Headers can cause ugly problems.
Key learning 5: Become HTTP Headers Advocate/Fighter in your organization.
security tester. application security. owasp cheat-sheet contributor. network security. exploratory tester. test automator. zero-day vulnerability finder. award winner in the security area. international keynote speaker. coach & mentor. trainer.