In this BSides Las Vegas talk, r2c security researchers Colleen Dai and Grayson Hardaway present a study on the effectiveness of secure guardrails and how to slash the risk of XSS by half.
Learn how they used real code to show that secure defaults can significantly raise a company’s security bar. Colleen and Grayson also present XSS findings across 125 repos on GitHub using Java, Ruby, Python, JavaScript, or Golang, discuss how those occurrences could have been mitigated, and share a free set of rules that you can immediately run on your own code to prevent XSS from occurring in the future.