Content Security Policies - Let's Break Stuff
Offered By: GOTO Conferences via YouTube
Course Description
Overview
Syllabus
Intro
Background
Cross-site scripting
Cross-site scripting
Persistent cross-site scripting
Reflective cross-site scripting
Self cross-site scripting
Social engineering
Facebook console
Fight back against hackers
What is a content security policy
Browser support
Resources
Image
Object Source
Style Source
Inline Source
Don't Use It
Nonce
Constant Security
Breaking Production
Breaking the Site
Report URI
Payload
Report URI
Report-Only
Over Time
Fun Part
Business buzzwords
Requirements
Gibson
Garbage Files
Update Files
Script
Pop Emoji
Poop Emoji
Corporate Phone Call
Code Base
No poop emojis
No proof emojis
Inline script
Homepage
Gate
Home Page
Garbage File
Content Security Policy
Tips
Cryptographic Nonces
Twig
Multiple Policies
Enforce Report Policies
Test Multiple Policies
Scott Helme
Mr Goodwin
Homework
Taught by
GOTO Conferences