Secure Your Code - Injections and Logging
This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: Injections and insufficient logging & monitoring.
What you'll learn
Security is a hard problem, especially when you are only running, not writing, an application. This talks shows how to protect against injections and also how to monitor them by combining two of the OWASP top 10 security risks: 1. Injections (A1:2017): We are using a simple application exploitable by injection and will then secure it with the Web Application Firewall (WAF) ModSecurity. 2. Insufficient Logging & Monitoring (A10:2017): We are logging and monitoring both the secured and the unsecured application with the Elastic Stack.