Learn quick and easy techniques to improve your website's security, protect against session hijacking, and defend against XSS and data injection attacks.
This talk will cover simple but lesser-known techniques for dramatically improving your website's security, including:
1. HTTP Strict Transport Security (HSTS)
2. Content Security Policies (CSP)
3. Secure / HttpOnly cookies
4. XSS Protection
5. Frame Options
6. Isolated domains for user content
7. Avoiding passwords altogether