Web App Security: URLs, Uploads and Dragons

-

Presentation Cyber Hack
CS Cyber Security

Handling file uploads and processing URLs should be easy, right? Well, it turns out there are many things that can go wrong, in lots of different ways, and at many levels (e.g. an application, a framework, the web browser, a proxy server). We explore through example how assumptions and subtle mishandling of URLs and files can lead to various high severity OWASP top 10 vulnerabilities.

In this seminar we will build an understanding of these vulnerabilities that spares no detail whilst being accessible also at a non-technical level.

What you will takeaway from this session:

  • Subtle dangers of the humble URL
  • Why hackers gravitate towards File Upload features
  • Exploitation of Server-side Request Forgery (SSRF) vulnerabilities
  • How to avoid these dragons

Speaker
Head of Research & Development
AppCheck NG
Exhibitor
more F40