Description:

Web Application security has become one of the top concerns of online businesses. As firewalls and IPSs are getting more and more sophisticated, and successful in keeping the bad guys out, web applications still seem to be the Achilles Heel of network security. Also, as most web apps use custom code bases, chances of security bugs creeping in are much higher. The OWASP foundation has compiled a list of the top 10 vulnerabilities in web applications:A1 - Cross Site Scripting (XSS)A2 - Injection Flaws (SQL and Command)A3 - Malicious File ExecutionA4 - Insecure Direct Object ReferenceA5 - Cross Site Request Forgery (CSRF)A6 - Information Leakage and Improper Error HandlingA7 - Broken Authentication and Session ManagementA8 - Insecure Cryptographic StorageA9 - Insecure CommunicationsA10 - Failure to Restrict URL AccessIn this video series, Barry Dorrans, an MVP, discusses the OWASP Top 10 and shows demos to illustrate each vulnerability. The counter measures and secure coding guidelines are also mentioned, but concentrate solely on the ASP.NET platform. The video is very elaborate in its coverage and is a good watch for web hackers in general and ASP.NET developers in particular. Thanks to Edge UG for posting these on Vimeo. Enjoy!