Web application and API security trends and threats
Sean Leach from Fastly examines traffic replays of a web attack, what the attacker was targeting, and the technologies that were used to block the attack in this video from Software Architecture 2015.
City walls (source: Pixabay)
Most developers have no idea what DDOS, XSS, CSP, HSTS, etc. are, but they’re critical to the availability and security of a web application. This video covers some of the latest improvements in Web PKI (SSL/TLS) that a website should absolutely be using for their web stack.
The PKI / TLS discussion is especially relevant given the continued turmoil around governments snooping on end user traffic. There are few resources on the web that review how you should configure SSL/TLS, and this talk will go over the proper setup to make sure web application end users are protected.
Learn faster. Dig deeper. See farther.
Editor’s note: This video was originally recorded in March 2015 at the O’Reilly Software Architecture Conference.