YoVDO

Enterprise Security API ESAPI 2.0 Crypto Changes

Offered By: LASCON via YouTube

Tags

LASCON Courses Cryptography Courses Enterprise Security Courses

Course Description

Overview

Explore the significant changes in ESAPI 2.0 Crypto in this 16-minute conference talk by Kevin Wall, ESAPI Project co-owner, at LASCON 2012. Learn about the reasons behind the crypto changes, the problems with ECB mode, and the importance of message authenticity. Gain insights into padding oracle attacks and examine advanced crypto examples. Discover how these updates enhance enterprise security and improve cryptographic implementations in ESAPI 2.0.

Syllabus

Intro
Obligatory CV
Why the ESAPI 2.0 Crypto Changes?
What's Wrong with ECB Mode?
Why Do We Need Message Authenticity?
Aside: Padding Oracle Attack
Major Changes in ESAPI 2.0 Crypto
Advanced Crypto Example (cont'd)


Taught by

LASCON

Related Courses

Comparing WAF and RASP - Why?
LASCON via YouTube API Security - Is it the New Application Attack Surface and How to Secure at Enterprise Scale
LASCON via YouTube Privacy Impact Assessments - How Much Privacy Is Enough?
LASCON via YouTube Your Frontier Defense - Understanding Web Application Firewalls
LASCON via YouTube Doing This One Crazy Thing Will Change Your AppSec Program Forever
LASCON via YouTube