Advertisement
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers
Security "for free" through HTTP headers

Check these out next

HABILIDADES DE COMUNICACION EN LA EMPRESA.
HABILIDADES DE COMUNICACION EN LA EMPRESA.
Carolina Ruiz Amo
HTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English version
Michal Špaček
AI = SE , giip system manage automation with A.I
AI = SE , giip system manage automation with A.I
Lowy Shin
Facebook Anonymous Publisher
Facebook Anonymous Publisher
Chang Yu-Sheng
10a daniel felipe peña creación de un videojuego
10a daniel felipe peña creación de un videojuego
Nicole2411
Securing your web application through HTTP headers
Securing your web application through HTTP headers
Andre N. Klingsheim
HTTP Security Headers Every Java Developer Must Know
HTTP Security Headers Every Java Developer Must Know
Ayoma Wijethunga
WhiteHat Security Presentation
WhiteHat Security Presentation
markgmeyer
1 of 37

Security "for free" through HTTP headers

May. 30, 2013
Andre N. Klingsheim
Self employed consultant
Advertisement
Advertisement
Advertisement

Recommended

Денис Жевнер: “Aliens in da web: XSS explained”Денис Жевнер: “Aliens in da web: XSS explained”
Денис Жевнер: “Aliens in da web: XSS explained”Dakiry136 views23 slides
Cross-Site Scripting (XSS)Cross-Site Scripting (XSS)
Cross-Site Scripting (XSS)Daniel Tumser4.8K views25 slides
Ver rmbv en_linux_centosVer rmbv en_linux_centos
Ver rmbv en_linux_centosJames Jara230 views1 slide
What is xss, blind xss and xploiting google gadgetsWhat is xss, blind xss and xploiting google gadgets
What is xss, blind xss and xploiting google gadgetsZiv Ginsberg666 views11 slides
laboratoriolaboratorio
laboratoriozantytaz201268 views1 slide
Secure HTTP Headers c0c0n 2011 Akash MahajanSecure HTTP Headers c0c0n 2011 Akash Mahajan
Secure HTTP Headers c0c0n 2011 Akash MahajanAkash Mahajan1.6K views14 slides

More Related Content

Viewers also liked(20)

HABILIDADES DE COMUNICACION EN LA EMPRESA. HABILIDADES DE COMUNICACION EN LA EMPRESA.
HABILIDADES DE COMUNICACION EN LA EMPRESA.
Carolina Ruiz Amo121 views
HTTP Strict Transport Security (HSTS), English versionHTTP Strict Transport Security (HSTS), English version
HTTP Strict Transport Security (HSTS), English version
Michal Špaček2.8K views
AI = SE , giip system manage automation with A.IAI = SE , giip system manage automation with A.I
AI = SE , giip system manage automation with A.I
Lowy Shin1.1K views
Facebook Anonymous PublisherFacebook Anonymous Publisher
Facebook Anonymous Publisher
Chang Yu-Sheng163 views
10a daniel felipe peña creación de un videojuego10a daniel felipe peña creación de un videojuego
10a daniel felipe peña creación de un videojuego
Nicole2411116 views
Securing your web application through HTTP headersSecuring your web application through HTTP headers
Securing your web application through HTTP headers
Andre N. Klingsheim1.5K views
HTTP Security Headers Every Java Developer Must KnowHTTP Security Headers Every Java Developer Must Know
HTTP Security Headers Every Java Developer Must Know
Ayoma Wijethunga2.3K views
WhiteHat Security PresentationWhiteHat Security Presentation
WhiteHat Security Presentation
markgmeyer1.3K views
List of useful security related http headersList of useful security related http headers
List of useful security related http headers
한익 주1.3K views
Plantas electricas fallas en los transformadoresPlantas electricas fallas en los transformadores
Plantas electricas fallas en los transformadores
norenelson751 views
Analysis of HTTP Security Headers in TurkeyAnalysis of HTTP Security Headers in Turkey
Analysis of HTTP Security Headers in Turkey
Dr. Emin İslam Tatlı845 views
Persamaan KuadratPersamaan Kuadrat
Persamaan Kuadrat
Dinar Nirmalasari5.3K views
How to secure your web applications with NGINXHow to secure your web applications with NGINX
How to secure your web applications with NGINX
Wallarm31.4K views
Clase 2 para continuarClase 2 para continuar
Clase 2 para continuar
Maribel Gaviria Castiblanco711 views
El folklor bolivianoEl folklor boliviano
El folklor boliviano
Julio De La Cruz157 views
Tarea seminario 2, búsqueda en pubmedTarea seminario 2, búsqueda en pubmed
Tarea seminario 2, búsqueda en pubmed
andresespinosalopez68 views
Security HTTP HeadersSecurity HTTP Headers
Security HTTP Headers
Chang Yu-Sheng260 views
Material didactico estudio_grupo -3Material didactico estudio_grupo -3
Material didactico estudio_grupo -3
Marvin Aguilar364 views
Presentación maltrato infantilPresentación maltrato infantil
Presentación maltrato infantil
Jesús Ángel Ruiz Moreno359 views
Lectura ironman 1Lectura ironman 1
Lectura ironman 1
Ester Jiménez Tomás179 views
Advertisement

Security "for free" through HTTP headers

  1. 1
  2. 2
  3. 3
  4. 4
  5. 5
  6. 6
  7. 7 - XSS (Cross Site Scripting) Prevention Cheat Sheet - OWASP Top 10 for JavaScript – A2: Cross Site Scripting – XSS
  8. 8
  9. 9
  10. 10
  11. 11
  12. 12
  13. 13
  14. 14
  15. 15
  16. 16
  17. 17
  18. 18 Evil site Click me! Vulnerable site Delete something!
  19. 20
  20. 21 Attacker Target
  21. 22
  22. 23 http://www.thoughtcrime.org/software/sslstrip/
  23. 24 www.onlinebank.com (unprotected) Redirect: https://www.onlinebank.com (unprotected) https://www.onlinebank.com (protected) Online bank
  24. 25 www.onlinebank.com (unprotected) Response (unprotected) https://www.onlinebank.com (protected) Online bankAttacker Response (protected) http://www.onlinebank.com (unprotected) https://www.onlinebank.com (protected) Response (protected) Response (unprotected)
  25. 26
  26. 27
  27. 28
  28. 29
  29. 30
  30. 31
  31. 32
  32. 33
  33. 34
  34. 35
  35. 36
  36. 37
  37. 38
Advertisement