Mitigation of OWASP Web Security Top 10 - 2021 risks using F5 Distributed Cloud Platform

Mitigating OWASP Web Security Risks with Distributed Cloud

Introduction to Cybersecurity Challenges

  • The session introduces the increasing risks associated with modern applications and with cybercrime, which is projected to become the third-largest economy by 2025.
  • Researchers are continuously discovering new vulnerabilities, making it challenging to manage existing ones while addressing new threats.

Overview of OWASP

  • OWASP (Open Web Application Security Project) is an open-source community focused on web application security, providing insights into security risks and prevention strategies.
  • Established in 2001, OWASP conducts global events and releases periodic reports on the top ten web application risks along with best practices for developers.

Shift Towards Secure Development Practices

  • As companies adopt a shift-left strategy from DevOps to SecDevOps, developers must write secure code. Recommendations from OWASP can help mitigate vulnerabilities in production environments.

Focus on Injection Attacks

  • Injection attacks expose backend information through malicious inputs that the application does not validate, allowing attackers to bypass login validation.
  • Various types of injections exist (e.g., SQL, NoSQL), necessitating advanced protection measures beyond traditional WAF solutions.

Introducing WAAP for Protection

  • WAAP (Web Application and API Protection), offered by F5 as a SaaS solution, provides comprehensive features like Web Application Firewall, API Security, Bot Defense, and DDoS Protection against sophisticated attacks.

Demonstration of Mitigation Techniques

  • A demo uses the Juice Shop application, where login attempts are made with valid credentials, followed by SQL injection attempts.
  • Successful exploitation of administrative privileges illustrates the potential damage that can occur if proper protections are not in place.
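
The login bypass described in the injection and demo sections comes from building the SQL text out of user input. The following Python/sqlite3 code is an added example, not taken from the video, from Juice Shop or from F5; the table, function names, accounts and input string are constructed. It puts a string-built login query next to the parameterized form that treats the same input as data.

```python
import hashlib
import sqlite3


def _h(password):
    # Unsalted SHA-256 keeps the sample short; real systems use a password KDF.
    return hashlib.sha256(password.encode()).hexdigest()


def make_db():
    """Build an in-memory user table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (email TEXT, pw_hash TEXT, role TEXT)")
    rows = [("admin@example.test", _h("correct-horse"), "admin"),
            ("user@example.test", _h("hunter2"), "customer")]
    db.executemany("INSERT INTO users VALUES (?, ?, ?)", rows)
    return db


def login_vulnerable(db, email, password):
    """String-built query: the input becomes part of the SQL text."""
    sql = ("SELECT email, role FROM users WHERE email = '" + email +
           "' AND pw_hash = '" + _h(password) + "'")
    return db.execute(sql).fetchone()


def login_parameterized(db, email, password):
    """Bound parameters: the input is only ever compared as a value."""
    sql = "SELECT email, role FROM users WHERE email = ? AND pw_hash = ?"
    return db.execute(sql, (email, _h(password))).fetchone()


# Constructed input: closes the string literal, adds a condition that is
# always true, and comments out the password check.
INJECTED_EMAIL = "' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    print("valid login      :", login_parameterized(db, "user@example.test", "hunter2"))
    print("vulnerable query :", login_vulnerable(db, INJECTED_EMAIL, "x"))
    print("parameterized    :", login_parameterized(db, INJECTED_EMAIL, "x"))
```

A WAF or WAAP policy in front of the application filters such requests at the edge; the parameterized query removes the flaw in the code itself, so the two controls complement each other.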

Configuration of Distributed Cloud Solutions

  • The speaker discusses pre-configured settings within Distributed Cloud that enhance security measures against identified vulnerabilities.

Video description

This demo starts with the overview of OWASP, then shows top 10 web security risks and finally illustrates how we can safeguard our enterprise applications against these top 10 threats using F5 Distributed Cloud. Links: https://community.f5.com/t5/technical-articles/mitigating-owasp-web-application-security-top-10-2021-using-f5/ta-p/311403 https://owasp.org/Top10/