Marco Mirko Morana

Marco Mirko Morana

My career in cyber-security spans more than 20 years working in different roles and industry sectors. As a author, besides co-authoring the book on risk centric threat modelling I wrote a book on application security risk management for CISOs and several white papers covering application and software security topics.

Web Services Security

Date:

The document summarizes the top 10 vulnerabilities for web services proposed by OWASP, which were presented by Gunnar Peterson. It discusses each vulnerability including injection attacks, malicious file execution, insecure object references, information leakage, broken authentication, insecure cryptography, insecure communications, failure to restrict access, broken XML, and identity misuse. It also provides countermeasures to address each vulnerability. The document concludes with questions for discussion on how organizations are securing web services.

You can download the presentation slides from here