[Owasp-germany] 19. Dresdner OWASP Stammtisch

Benjamin Kellermann Benjamin.Kellermann at gmx.de
Thu Feb 16 20:12:35 UTC 2017


Hallo!

Am 27.02.2017 findet der 19. Dresdner OWASP Stammtisch[1] im CCC
Hackerspace[2] im Zentralwerk, Riesaer Straße 32 statt.

Beginn ist 19:30 Uhr, alle Interessierten sind wie immer herzlich eingeladen!

Thema: Bastian Braun wird einen Vortrag über Anti-Automatisierung halten.

Bot or Not? - Mitigating Automated Threats to Web Applications

One of the prevalent threats for web applications are automated attacks.
These range from the well-known scenario where an attacker tries to
brute force password-protected login forms to sophisticated bots that
try to silently but automatically harvest potentially sensitive
information. Various technologies try to mitigate the threat posed by
automated attacks. Some applications employ CAPTCHAs, others try to
block requests from the attacker's IP address. However, these
anti-automation techniques usually suffer from side effects - many just
impairing the user experience while some even tend to lock out a number
of users mistakenly. This talk presents an overview of available
anti-automation concepts and discusses advantages and shortcomings of
each approach. Based on these characteristics, it gives recommendations
about suitable areas of application for each concept.


Viele Grüße,
Ben

[1] https://www.owasp.org/index.php/OWASP_German_Chapter_Stammtisch_Initiative/Dresden
[2] http://c3d2.de/space.html




More information about the Owasp-germany mailing list