My presentation on OWASP IL Meetup and on the Application Security Meetup.
OWASP Top 10 is the most successful OWASP Project
It shows ten most critical web application security flaws.
Read the presentation and you will learn each OWASP Top 10 category and recommendations on how to prevent it.
Do not forget to
The presentation:
What will I cover in this post? In my previous post I have described Two-Factor Authentication with WebAuth.
But what should you do when a user replaces WebAuthn device?
In this post, we will learn how to reset WebAuthn for a specific user. In addition, we will see how to revert the WebAuthn configuration for all users.
Reset WebAuthn for a specific user If a user replaces WebAuthn device he /she will not be able to login and will see the following error:
What will I cover in this post? We will learn how to configure Two-Factor Authentication with Keycloak WebAuth.
In this post, I plan on:
Explaining what is WebAuth Explaining how to configure WebAuth in Keycloak Do not forget to follow me on Twitter
What is WebAuth? WebAuthn is the standard recommended by FIDO Alliance and W3C. WebAuthn defines a standard web API that gives users new methods to securely authenticate.
XML External Entities (XXE) is a dangerous vulnerability, currently ranked fourth (A4) in the OWASP Top Ten. Resolving this vulnerability should be a high priority for all Java developers.
In this presentation, presented by Anat Mazar (https://www.linkedin.com/in/anat-mazar/) and Michael Furman (https://www.linkedin.com/in/furmanmichael/) on the OWASP meetup we will
Demonstrate why XXE is so dangerous Show you how this vulnerability is typically resolved – in each and every place in the code that you parse an XML file Show you the better resolution – set a couple of system Java system properties once, and never worry about XXE again.
My SameSite Cookies podcast at the Application Security Podcast - Security Journey Podcasts.
Learn about SameSite cookies, the threats they counter, and how SameSite + the Synchronizer Token Pattern work together to counter CSRF.
.
My presentation at OWASP Chapters All Day
The video is published here.
How SameSite Cookies Are Making the World a Safer Place from Michael Furman
My short presentation at Write the Docs Meetup
It shows top 3 tips how to create security documentation.
The video is published here.
Top 3 tips for security documentation from Michael Furman
My presentation at SecSessions - Cybersecurity Meetup
The video recording:
The presentation:
OWASP Top Ten 2017 from Michael Furman
My presentation at Java.IL - the Israeli Java Community meetup.
OWASP A4 XML External Entities (XXE) from Michael Furman
My presentation at OWASP Appsec IL 2018
The video is published here.
Passwords are passé. WebAuthn is simpler, stronger and ready to go from Michael Furman