Mitigating Web Application Risks

A session at InfoRisk360 Risk Management Workshop

  • Devesh Bhatt

Thursday 6th March, 2014

9:00am to 5:00pm (SMT)

This hands-on session provides the key technical solutions to transform any website into a highly secure and productive environment. You will learn techniques for conducting a risk assessment and for identifying and fixing the hidden vulnerabilities and risks in a web application.

Who should attend:
Application developers, application security analysts, technical managers, application architects, application testers, penetration testers, security professionals, auditors and anyone who is concerned about the website security

What is covered:
*SQL Injection attacks
*Password defenses
*Broken Authentication and Session Management
*Anatomy of a XSS attack
*Insecure Direct Object References
*Security Misconfiguration
*Sensitive Data Exposure
*Cross-Site Request Forgery Tokens and Re-authentication
*Missing Function Level Access Control
*Anatomy of a Clickjacking Attack
*Using components with known vulnerabilities
*Unvalidated redirects and forwards
*Encryption in Transit

Strategic Value Proposition:
*Participants will gain a solid understanding of security architecture for web applications
*Participants will gain valuable insight into web application threats and the hacking techniques commonly used by hackers and cyber criminals
*Participants will understand how developers and penetration testers conduct risk assessment and the necessary steps to fix the vulnerabilities and secure web applications

Trainer’s Profile:
Devesh Bhatt is an application security researcher and consultant. He has managed and executed multiple projects involving application/network penetration tests, vulnerability assessments and design reviews. He has written content on mobile application security for leading global online magazines. He likes reporting security vulnerabilities to organizations and is listed in the Hall of Fame of Google, Facebook, Apple, PayPal and many others.

About the speaker

Devesh Bhatt

Security Researcher, Adobe Systems
