Dates
Conferences
Tags
Sort by:
Most recent
Conference: Global AppSec Dublin 2023
Authors: Gal Weizman
2023-02-15
tldr - powered by Generative AI
The presentation discusses the importance of improving security and visibility in JavaScript Realms through third-party solutions. However, these solutions lack visibility into JavaScript Realms, which affects security.
- Third-party solutions can assist in improving security and visibility in JavaScript applications
- Behavioral overriding or monkey patching is used by third-party solutions to gain control over the application and runtime
- However, these solutions lack visibility into JavaScript Realms, which affects security
- Realms are ecosystems in which JavaScript plugins exist and have their own global execution environment
- Improving security and visibility in Realms requires solutions that can provide visibility into Realms
Conference: Global AppSec Dublin 2023
Authors: Jeff Williams
2023-02-15
tldr - powered by Generative AI
The presentation discusses the importance of incorporating threat intelligence and runtime protection into application security programs to prevent attacks and vulnerabilities.
- Threat intelligence can dynamically change the risk of an attack and allow for prioritization of security measures.
- Runtime protection can prevent a significant portion of vulnerabilities from being exploited.
- Instrumentation and telemetry can provide real-time feedback to developers and production teams.
- Trust boundaries and sandboxes can be implemented to prevent common vulnerabilities such as unsafe serialization and expression language injection.