Description: This is the video of the talk titled "Is XSS Solveable?" given at LayerOne 2009 by Don Ankney.
Talk Description: The presentation will begin by defining the scope of the problem – exactly what cross-site scripting is, the risks that it poses, and how attackers use it to attack your customers. From there, we will spend some time defining what successful XSS mitigation code would look like, including both input validation and output encoding. Finally, we will look at what it takes institutionally to implement a solid mitigation across your enterprise throughout the development lifecycle, with an emphasis on how static code analysis tools can help verify that your code conforms to the XSS design requirements.
Speaker Bio: Don Ankney is a Security Advisor in Online Services Security and Compliance at Microsoft. Previously, he was an Analyst at the University of Washington, where he was a coordinator of the web application security working group, and he has worked in the security access management group at Cingular Wireless.
Tags: basics
Disclaimer: We are an infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be the same without verifying.