According to the Verizon DBIR (Data Breach Investigation Report) for 2016, web application attacks are the #1 source of data breaches. Web applications account for only 8 percent of overall reported incidents. However, attacks on web applications accounted for over 40 percent of incidents resulting in a data breach, and were the single-biggest source of data loss.
With those threats in mind, it has never been more important to ensure that companies have visibility into what is happening with their web apps. The most effective way to address application flaws and preemptively block unknown attacks is to have a close relationship with your web application firewall.
Static, signature based blocking is not enough to address never before seen attacks. In this talk, we will walk through scenarios that we have observed, talk about coding practices that enable your web app to be secured, and describe the steps that are taken to defend against critical web applications attacks.