YoVDO

CSPAutoGen - Black-box Enforcement of Content Security Policy upon Real-world Websites

Offered By: Association for Computing Machinery (ACM) via YouTube

Tags

ACM CCS (Computer and Communications Security) Courses Web Security Courses Content Security Policy Courses

Course Description

Overview

Explore a conference talk from CCS 2016 that delves into CSPAutoGen, a novel approach for enforcing Content Security Policy on real-world websites. Learn about the black-box enforcement technique presented by researchers from Northwestern University and Lehigh University. Discover the deployment burden, related works, and the system's origin. Understand the training phase, web page rewriting process, and the template system utilized. Examine the dynamic script rewriting phase and evaluation results. Gain insights into template maintenance, performance overhead, and compatibility issues. Conclude with a summary of the research findings and participate in a Q&A session to further discuss this innovative security solution.

Syllabus

Title
Deployment Burden
Related Works
Origin
Training Phase
Rewriting Web Pages
Template System
Dynamic Script
Rewriting Phase
Evaluation Results
Template Maintenance
Performance Overhead
Compatibility
Conclusion
Questions


Taught by

ACM CCS

Related Courses

Configuring Security Headers in ASP.NET and ASP.NET Core Applications
Pluralsight Modern Browser Security Reports
Pluralsight PHP Web Application Security
Pluralsight Magento 2 Quick Tips
YouTube OWASP Top 10: #7 XSS and #8 Insecure Deserialization
LinkedIn Learning