Budapest + May 12-13. =

Anand Vemuri

United States

Offensive and Defensive Strategies for Client-Side JavaScript Security

Secure software development principles have become of paramount importance in recent times. Studies have revealed that corporate cyber security breaches have most frequently occurred at the web application layer. Furthermore, within the web application security landscape, client-side attack vectors have been known to be particularly dangerous if exploited. Most client-side security resources tend to primarily discuss Cross-Site Scripting (XSS) exploits and remediation tips.

This talk will specifically focus on the other less common client-side vulnerabilities that are not as frequently discussed. Intentionally vulnerable applications developed with client-side JavaScript frameworks will be attacked and exploited live. Remediation strategies will also be discussed so that developers have tools to prevent these vulnerabilities. Through strengthening the security posture of JavaScript applications, we can take strides towards creating a more secure Internet.