Everything in the OWASP TOP 10 is covered in this session, including: Injections, Broken Authentication and Session Management, Cross-Site Scripting (XSS), Insecure Direct Object References, Security Misconfiguration, Sensitive Data Exposure, Missing Function Level Access Control, Cross-Site Request Forgery (CSRF), Using Components with Known Vulnerabilities, Unvalidated Redirects and Forwards.
The rise of public cloud computing has brought with it a new set of security considerations that are not widely understood. With a unique perspective from working on the security systems of a public cloud, Mark describes public cloud service provider and cloud customer threats, including malicious insiders, shared technology, data breaches, and data loss. For each, he assesses the risks and explores the value of mitigations like encryption-at-rest, encryption-in-flight, and other security best practices, separating hype from reality so that you can make educated decisions as your organization moves to the cloud.
Come hear the master of Windows troubleshooting, walk you step-by-step through how he has solved seemingly unsolvable system and application problems on Windows. With all new real case studies, Mark shows how to apply the Microsoft Debugging Tools and his own Sysinternals tools, including Process Explorer, Process Monitor, to solve system crashes, process hangs, security vulnerabilities, DLL conflicts, permissions problems, registry misconfiguration, network hangs, and file system issues. These tools are used on a daily basis by Microsoft Product Support and have been used effectively to solve a wide variety of desktop and server issues, so being familiar with their operation and application will assist you in dealing with different problems on Windows.