

Strengthening Web Application Security: Understanding Threats, Defenses, and Best Practices
This month, Tyler Sanderson will educate us on "Strengthening Web Application Security: Understanding Threats, Defenses, and Best Practices"!
5:30pm: Food + hang out
6:00pm: The good stuff
7:30pm: Continued discussion 🍻
Speaker: Tyler Sanderson
Talk Summary
Web applications are integral to modern business operations, but they remain prime targets for malicious actors. This session will provide an overview of web application security, beginning with the OWASP Top Ten threats—a globally recognized benchmark for application security risks. It will delve into common vulnerabilities such as Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and SQL Injection, exploring how these vulnerabilities are exploited and the strategies to defend against them. The talk will also cover best practices for secure application configuration, including enforcing Content Security Policies (CSP), as well as tools like static and dynamic application security testing (SAST/DAST) and dependency scanning solutions to proactively identify and address vulnerabilities.