BloomTech’s Downfall: A Long Time Coming

Extending WAFs at the Application Layer

Extending WAFs at the Application Layer

OWASP Foundation via YouTube Direct link

Intro

1 of 33
Next

1 of 33

Intro

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

Extending WAFs at the Application Layer

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 Brief History of WAF's
  3. 3 Purpose of WAF's
  4. 4 Problems with WAF's
  5. 5 Bypassing WAF'S
  6. 6 Sanwaf: Application-Level Security Control
  7. 7 Purpose of Sanwaf
  8. 8 Bypass Example A cookie is being blocked by a WWF and is causing an issue, so
  9. 9 Sanwaf Does Not Replace WAF's
  10. 10 Sanitizing Data
  11. 11 How Sanwaf Works
  12. 12 Sanwaf Structure
  13. 13 Global Settings
  14. 14 Shield Settings
  15. 15 Regex Settings
  16. 16 Metadata Settings
  17. 17 Sanwaf Datatypes
  18. 18 Sanwaf: How it works
  19. 19 Sanwaf: How Strings Work
  20. 20 Sanwaf Datatype Performance
  21. 21 Example - Delimited Set of Numbers
  22. 22 Datatype Example: Delimited Set of Numbers (RegEx)
  23. 23 Datatype Example: Alphanumeric and Whitelisted
  24. 24 Datatype Example: Using a lava Class
  25. 25 Datatype Example: String & Regex
  26. 26 Implementing Sanwaf
  27. 27 Sample Implementation: Filter
  28. 28 Sample Implementation: Logging
  29. 29 Error Message Example
  30. 30 Rending Error to End User
  31. 31 Sample Application
  32. 32 Where to Git Sanwaf
  33. 33 Contact Information

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.