GOTO - The Brightest Minds in Tech

Mastering Web Security: Myths, Strategies & More! • Scott Helme & Sebastian Brandes

Jun 21, 2024

Security experts Scott Helme & Sebastian Brandes discuss debunking security myths, importance of Content Security Policy, challenges with legacy apps & shadow IT, implementing security measures, and empowering developers with security insights. They emphasize the role of organizational commitment in enhancing web security.

32:29

Creator website

Episode guests

Scott Helme

Sebastian Brandes

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Prioritizing security basics like HTTPS and security headers is crucial in mitigating risks.

Implementing Content Security Policy (CSP) can enhance resilience against web vulnerabilities and catch threats like cross-site scripting.

Deep dives

Challenges in Web Application Security

Identifying vulnerabilities in web applications, like missing security headers and known CVEs, through scanning millions of web services revealed ongoing security threats. Despite advancements, focusing on security basics like HTTPS and security headers remains crucial as organizations need to prioritize investing in application security to mitigate risks.

Intro

4min

Importance of Content Security Policy (CSP) in Web Security

7min

Security Challenges with Legacy Applications and Shadow IT

17min

Enhancing Web Security Through Proper Implementation of Security Measures

3min

Insights on Upcoming Training Events and Security Scans

3min

This interview was recorded at GOTO Copenhagen for GOTO Unscripted.
http://gotopia.tech

Read the full transcription of this interview here

Scott Helme - Security Researcher, Hacker & Founder of Report URI & Security Headers
Sebastian Brandes - Senior Principal Product Manager at F5

RESOURCES
Scott
https://twitter.com/Scott_Helme
https://linkedin.com/in/scotthelme
https://scotthelme.co.uk
https://github.com/ScottHelme

Sebastian
https://twitter.com/br4ndes
https://www.linkedin.com/in/sebastianbk
https://github.com/sebastianbk

Links
Sebastian: https://youtu.be/BX0TVzHOJgQ
https://crawler.ninja
https://docs.report-uri.com/setup/wizard
Scott: https://youtu.be/K9MwaSRdA94
https://research.checkpoint.com/2019/hacking-fortnite
Troy: https://youtu.be/pxPEdUFdayA
Jim: https://youtu.be/nvzMN5Z8DJI
Scott pt. 1: https://youtu.be/zvCXUozuI2A
Scott pt. 2: https://youtu.be/8PlCfYflz_A

DESCRIPTION
Get deep into the realm of application security, debunking myths around filters and emphasizing the power of a comprehensive defense strategy. Sebastian Brandes and Scott Helme share practical tips, highlight valuable resources, and underscore the critical role of organizational commitment in securing applications effectively.
Watch this interview to revamp your security approach with their actionable insights!

RECOMMENDED BOOKS
Liz Rice • Container Security
Andy Greenberg • Tracers in the Dark
Thomas J. Holt, Adam M. Bossler & Kathryn C. Seigfried-Spellar • Cybercrime and Digital Forensics
Aaron Parecki • OAuth 2.0 Simplified
Erdal Ozkaya • Cybersecurity: The Beginner's Guide

Bluesky
Twitter
Instagram
LinkedIn
Facebook

CHANNEL MEMBERSHIP BONUS
Join this channel to get early access to videos & other perks:
https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/join

Looking for a unique learning experience?
Attend the next GOTO conference near you! Get your ticket: gotopia.tech

SUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

GOTO - The Brightest Minds in Tech

Mastering Web Security: Myths, Strategies & More! • Scott Helme & Sebastian Brandes

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Challenges in Web Application Security

Importance of Content Security Policy (CSP)

Challenges in Managing Third-Party Dependencies

Developing a Comprehensive Application Security Strategy

Remember Everything You Learn from Podcasts