Not all Web application attacks are created equally; different layers of a Web app require different means of attack.
In this video presentation, expert Cory Scott explains different Web application attack types that occur in the wild and how they target different layers of a Web application, from the browser to application functionality, data repositories and the Web server environment. He then gives targeted strategies for locking down enterprise Web apps against these attacks.
This video is part of SearchSecurity.com's Security School lesson, Web application attacks: Building hardened apps. For more learning resources, visit either the lesson page or the Security School course catalog page.
About the expert:
Cory Scott is a director with security consultancy Matasano Security.