With security "shifting left" into DevSecOps, it's more difficult than ever to keep up with a rapidly evolving landscape of web technologies and the threats that come with them. While familiar vulnerability classes continue to plague our apps with the likes of XSS and SQL injection attacks, many frameworks are adopting automatic defences that protect against common abuse cases.

By Mark Stanislav and Fletcher Heisler

Full Abstract & Presentation Materials: https://www.blackhat.com/us-19/briefi...