Talk 12:00 - 12:45 August 09, 2020

Philipp Krenn


This talk combines two of the OWASP Top Ten security risks to highlight some widespread "this is fine" issues:

  • Injection (A1:2017): We use a simple application that is exploitable by injection and then secure it with the Web Application Firewall (WAF) ModSecurity.
  • Insufficient Logging & Monitoring (A10:2017): We log and monitor both the secured and the unsecured application with the Elastic Stack.