NCL 10: WebApp Business Logic Vulnerabilities

Navigating the Cyber Land series is coming up on Wednesday, August 25 at 2:00 pm EEST, with a new episode "WebApp Business Logic Vulnerabilities".

This webinar will explore a less-known class of web application vulnerabilities. When doing security assessments of web applications, automated scanners cannot detect all vulnerabilities. And there is a class of vulnerabilities related to whether the application code actually enforces the design logic intended by the developer. Those vulnerabilities are called Business Logic Vulnerabilities.

The main difference between this class of vulnerabilities and the more known technical vulnerabilities is that the conditions for the latter class of vulnerabilities can exist in different applications regardless of their intended functionalities. On the other hand, the conditions for Business Logic Vulnerabilities are pretty much unique to each application. And that is why spotting them cannot be automated.

In this webinar, we will:

• Look at different examples of Business Logic Vulnerabilities and how they can compromise the applications.
• We will shed light on how to think in an unconventional way (outside the box) when assessing the security of a WebApp.
• We will also go over the guidelines and methodology provided by OWASP Testing Guide for business logic testing.

Reserve your spot now!