Next Waterloo Technology Chautauqua is nigh: who wants to learn about web app/api/site security?

Next Waterloo Technology Chautauqua is nigh: who wants to learn about web app/api/site security?

I thought I would share some of the hands-on how-to and learning of hardening some web sites and applications. I posted a bit about this here (and in vid @ bottom).

If you are interested in sharing learning on assessing a web app/api/site for security. How to harden it, showing some of the tools, come on out.

I will then show some of the complex things you can do w/ a Web Application Firewall (WAF) using resty-lua-waf (https://github.com/p0pr0ck5/lua-resty-waf) as an example, if you are stuck with a weak app and no way to fix its code.

Topics:

  • Content-Security-Policy
  • XSS-*
  • Cross Origin Request Sharing
  • HTTP Strict Transport Security
  • TLS setup
  • DNS CAA

 

Feel free to open https://observatory.mozilla.org/analyze/www.rbcroyalbank.com and be amazed @ the score of 0/100 (F).

Link below for where/when etc.

Waterloo Technology Chautauqua

Kitchener, ON
583 Members

[Chautauqua](https://en.wikipedia.org/wiki/Chautauqua) is a principle of continuous adult education.The seed of this group is a set of people who have worked together on a va...

Next Meetup

Securing a web (site/app/api): hands on!

Tuesday, Jan 28, 2020, 7:00 PM
7 Attending

Check out this Meetup Group →

 

One comment on “Next Waterloo Technology Chautauqua is nigh: who wants to learn about web app/api/site security?

Leave a Reply

Your email address will not be published. Required fields are marked *

*