Michael Coates from Mozilla’s Infrastructure Security team presented on top web security threats and how new security controls in Firefox can be leveraged to increase the security of a website and further protect users against malicious attacks.
Attackers are continuing to exploit issues that are challenging for web application owners to address throughout their applications. Some of these issues include:
– cross site scripting vulnerabilities
– intercepting sensitive communications due to incorrect usage of SSL/TLS
– user confusion attacks such as click-jacking
New security controls in Firefox such as Content Security Policy, Strict Transport Security, and X-Frame-Options provide effective defense mechanisms that can be utilized by a web application to increase security.
This presentation was delivered to the annual ENISA & Forth Security Summer School held in Greece that attracts security and technology experts throughout Europe and also to a group of application security experts at the OWASP Greece chapter.
The full presentation can be viewed at the following link:
http://people.mozilla.org/~mcoates/WebSecurityControls.html
-Michael Coates
oxdef wrote on
mcoates wrote on
Ping from Web Application Security » Blog Archives » Mozilla Discusses New … « Tips On Security on