Скачать или смотреть Attacking the front-end. Modern-day client-side security - Kaif Ahsan

We’ve come a long way since the early days of client-side security when injection attacks like XSS and SQLi were rampant. Modern frameworks come with a lot of out-of-the-box protections. But with the frameworks, the attackers have also evolved. In this talk, Kaif Ahsan, a Product Security Engineer at Atlassian, will share the most common ways modern web applications are hacked. Many of which he regularly comes across at work. These talks will be beneficial to a wide range of audiences, both offensive and defensive. Kaif will share various techniques and examples of exploiting modern web applications like React, Angular etc. These would be useful for Pentesters and bug bounty hunters. Furthermore, we will be exploring various best practices to tackle these vulnerabilities and build secure web apps which are relevant for security engineers and developers.

Kaif Ahsan is a coder by passion and a hacker by profession. He started his journey in tech as Software Engineer but soon fell in love with the art of breaking software. His knowledge of development and cybersecurity has naturally led him to the Application Security space, where he currently works as a Product Security Engineer at Atlassian. Kaif is a big proponent of education and open access to knowledge. He regularly volunteers to run cybersecurity workshops at various universities as well as giving talks at local meet-ups and conferences. He is also the co-host of YT channel, Everything Cyber, where he shares hands-on and conversational videos on tech and cybersecurity. His videos target intermediate-level professionals and help them gain expertise through practical content.