101 Typical Security Pitfalls

Alexander Pirker - 3 years ago

Have you ever wondered about how it comes to security incidents? I mean the really big ones like someone accessing a remote host, or executing some nice scripts inside your browser?

In this session I want to show some of the most common pitfalls into which especially junior developers fall. Specifically, I want to cover the following frequent mistakes, and more:
* Missing Input Data Validation: Certainly a big one, since depending on the environment, this could lead to for example remote-code-execution (RCE) on your backend, or the execution of scripts in your browser, known under the term XSS
* Improper Usage of Data Types: One of my favorites, since it highlights how careless we sometimes use data types without reasoning about the consequences of our choices.
* Revocation processes: Unfortunately, as developers we build a system to run in a happy world, most of the time. But how do you deal with the revocation of a malicious entity?
* Denial-of-Service through service crashes

Jobs with related skills