25 lines
1.6 KiB
XML
25 lines
1.6 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE item SYSTEM "http://www.c3d2.de/dtd/c3d2web.dtd">
|
|
|
|
<item title='19. Dresdner OWASP Stammtisch' date='2017-02-16T21:00:00' author='Ben'>
|
|
<image title='OWASP'>owasp_logo_250x250.png</image>
|
|
<event>
|
|
<start>2017-02-27T19:30:00</start>
|
|
<end>2017-02-27T22:00:00</end>
|
|
<location><link href="space.html">HQ</link> im Zentralwerk</location>
|
|
</event>
|
|
|
|
<p>
|
|
Bastian Braun wird einen Vortrag über Anti-Automatisierung halten.
|
|
</p>
|
|
<p title="Bot or Not? - Mitigating Automated Threats to Web Applications" class="blockquote">
|
|
One of the prevalent threats for web applications are automated attacks.
|
|
These range from the well-known scenario where an attacker tries to brute force password-protected login forms to sophisticated bots that try to silently but automatically harvest potentially sensitive information.
|
|
Various technologies try to mitigate the threat posed by automated attacks. Some applications employ CAPTCHAs, others try to block requests from the attacker's IP address. However, these anti-automation techniques usually suffer from side effects - many just impairing the user experience while some even tend to lock out a number of users mistakenly.
|
|
This talk presents an overview of available anti-automation concepts and discusses advantages and shortcomings of each approach. Based on these characteristics, it gives recommendations about suitable areas of application for each concept.
|
|
</p>
|
|
<p>
|
|
Mehr Infos gibt zur Dresdner OWASP Initiative gibt es <link href="https://www.owasp.org/index.php/OWASP_German_Chapter_Stammtisch_Initiative/Dresden">im OWASP Wiki</link>.
|
|
</p>
|
|
</item>
|