19. Dresdner OWASP Stammtisch

Ben @ OWASP
Datum
Montag, 27. Februar 2017 um 19:30 Uhr bis 22:00 Uhr
Ort
HQ im Zentralwerk

Bastian Braun wird einen Vortrag über Anti-Automatisierung halten.

Bot or Not? - Mitigating Automated Threats to Web Applications

One of the prevalent threats for web applications are automated attacks. These range from the well-known scenario where an attacker tries to brute force password-protected login forms to sophisticated bots that try to silently but automatically harvest potentially sensitive information. Various technologies try to mitigate the threat posed by automated attacks. Some applications employ CAPTCHAs, others try to block requests from the attacker's IP address. However, these anti-automation techniques usually suffer from side effects - many just impairing the user experience while some even tend to lock out a number of users mistakenly. This talk presents an overview of available anti-automation concepts and discusses advantages and shortcomings of each approach. Based on these characteristics, it gives recommendations about suitable areas of application for each concept.

Mehr Infos gibt zur Dresdner OWASP Initiative gibt es im OWASP Wiki.