OWASP Top 10 is a list of the 10 most common types of web vulnerabilities found in web applications today, made by OWASP. Since it is such a widely used and referred list by developers and hackers, people without web security experience could feel overwhelmed while trying to understand it, and may and up finding it complicated and confusing. My goal with this talk is to make ‘OWASP Top 10’ easily understandable for everyone including developers and people getting started in web security by using simple, real-world examples of the vulnerabilities, showing real disclosed bugs from bug bounty programs that paid and explaining the impact of them on the company, and by using my experience from the bug bounty space and the way I managed to understand these vulnerabilities in the first place. The talk will not only focus on how to find these bugs, but it will also try to help developers with understanding how to defend against these common vulnerabilities and write more secure code by understanding the way attackers think and try to exploit web applications.
The presentation was held at #BSidesBUD2019 IT Security Conference. All rights reserved.
bsidesbud.com