Website Security – Improvements to Consider for any Website
Presented by RB Woods
For website owners, developers and administrators web security today may seem less like a checklist and more like a murky mess without clear definition or direction. Alternatively, some may consider their checklist completed while they remain blissfully unaware of real vulnerabilities within the site implementation that could ultimately prove harmful to the site or users.
With technologies and threats that continue to evolve it can be hard to even know where to start or what should or could be implemented next. This discussion will touch on many topics including some ignored or relatively unknown building blocks that, when properly implemented alongside other foundational pieces, can greatly strengthen the site defenses helping to protect both the site and the site users. Topics may include SQL injection, password storage, cross-site scripting (XSS), content security policy (CSP), cross-site request forgery (CSRF) mitigation and two-factor authentication (2fa).