Via Hacker News and Peteris Kumins' blog on programming, hacking, software reuse and stuff comes the latest Google tech talk, this one on web application vulnerabilities and "how cybercriminals steal money".

While Peteris and Google are targeting web developers with this informative video talk, it's a great resource as well for security folks as well as network administrators tasked with understanding how to thwart web application attacks.

Even if you've deployed a web application firewall to protect you from these kinds of vulnerabilities, it's still a great idea to watch this one and get a better understanding of the attacks.

The three vulnerabilities covered are:

  • SQL Injection
  • Cross-Site Request Forgery (XSRF)
  • Cross-Site Script Inclusion (XSSI)

The video and direct link are included here as well, but check out Peteris' blog for an overview of interesting points in the tech talk.

Direct URL: http://www.youtube.com/watch?v=jc6Q1uCnbMo

Follow me on Twitter View Lori's profile on SlideShare AddThis Feed Button Bookmark and Share