Tribal Qonf: Micro Workshop: “Why & How you should do your HTTP Headers right?” by Santhosh Tuppad

  HTTP Headers are MUST if the businesses care about Security. Some complain that they do not have the budget, but these little things don’t need a budget, but passion towards securing applications unless you are going with a deeper security assessment where it needs…

 

HTTP Headers are MUST if the businesses care about Security. Some complain that they do not have the budget, but these little things don’t need a budget, but passion towards securing applications unless you are going with a deeper security assessment where it needs a specialist or an expert.

Most of the programmers and testers are not aware of HTTP Headers they can implement to mitigate deadly attacks such as Cross-Site Scripting, Clickjacking, MIME Sniffing attacks, Form Data HiJacking, Banners Revealing Sensitive Information etcetera.

Trust me, these just don’t take a lot of time to get right and build prevention mechanisms against certain types of dangerous vulnerabilities. Mind you, it doesn’t just apply to every variant of a specific attack but does surely help to strengthen the security wall.

This micro workshop is a demonstration based where two things will be spoken about:

  •  What kind of attacks are we vulnerable to if we don’t use Secure HTTP Headers?
  • What needs to be done to mitigate security vulnerabilities by using these secure HTTP Headers?

We will have a lot of fun learning about HTTP Headers.

Key learnings:

  • Understand why HTTP Headers are important to your web applications?
  • Learn how to implement these HTTP Headers in the right way?
  • Mitigating attacks such as XSS, ClickJacking & other attacks.
  • Get a perspective of how no secure HTTP Headers can cause ugly problems.
  • Become HTTP Headers Advocate/Fighter in your organization.

Speaker Bio:

security tester. application security. owasp cheat-sheet contributor. network security. exploratory tester. test automator. zero-day vulnerability finder. award winner in the security area. international keynote speaker. coach & mentor. trainer.

Santhosh Tuppad has played different roles in his life which include being a Passionate Entrepreneur, Computer Engineer, Software Tester, JavaScript, and Python Programmer, Blogger, Reader, Trainer, Coach, Black-hat Thinker, White-hat Hacker, Grey-Hat hacker and what not. In this amazing journey of life, he has experienced his salvation. Not to forget that “Salvation comes at a price” and of course he has paid that price. Before he was known for being merciless, ruthless, unkind, evil, etc. And today he is known for kindness, humbleness, and some people call him “Privacy Fighter”. Santhosh is also one of the OWASP Cheatsheet Contributors and shares his knowledge on Security and Testing unconditionally. The world finds his ways “Unconventional”, but he thinks that it’s the best. ?

X
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]
[class^="wpforms-"]