
Web Directions Remixed

Session Details

Eliminating XSS by adopting Trusted Types

Bjarki Ágúst Guðmundsson Security Engineer Google

Year after year, Cross-Site Scripting (XSS) continues to be the most expensive type of web vulnerability found in bug bounty programs. The most common variant of XSS occurs on the client side, when untrusted user input is passed to dangerous DOM APIs. Trusted Types is a novel web browser API designed to eliminate DOM-based XSS. It locks down dangerous DOM sinks, asking developers to prove that input is safe by passing it through an appropriate security policy; anything else triggers a Trusted Types violation. An analysis of results from Google's Vulnerability Reward Program has shown that it prevents at least 61% of the DOM-based XSS that Google's static code analysis pipeline missed. In this talk we show how web applications can significantly strengthen their security posture against DOM-based XSS by adopting Trusted Types, as well as the steps required to identify, fix, and prevent future Trusted Types violations.
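As an added illustration of the mechanism the abstract describes (this is not code from the talk, and it is a model rather than the real `window.trustedTypes` API): a policy is the only way to mint a `TrustedHTML` value, and a locked sink refuses plain strings. The policy name `escape`, the `assignInnerHTML` helper and the sample input are assumptions made for the example.

```javascript
// Added model of the Trusted Types enforcement flow, NOT the browser API.
// In a real page the browser supplies window.trustedTypes and locks the sinks
// once the response carries: Content-Security-Policy: require-trusted-types-for 'script'
const MINT = Symbol("mint"); // only createPolicy holds this token

// Opaque wrapper: a TrustedHTML can only be minted through a policy.
class TrustedHTML {
  #value;
  constructor(value, token) {
    if (token !== MINT) throw new TypeError("use a policy to create TrustedHTML");
    this.#value = value;
  }
  toString() { return this.#value; }
}

// Model of trustedTypes.createPolicy(name, rules): createHTML runs the
// application's own rule (sanitizer or escaper) and wraps the result.
function createPolicy(name, rules) {
  return {
    name,
    createHTML: (input) => new TrustedHTML(rules.createHTML(String(input)), MINT),
  };
}

// Model of a locked sink such as element.innerHTML under enforcement:
// assigning a plain string is a Trusted Types violation and is rejected.
function assignInnerHTML(element, value) {
  if (!(value instanceof TrustedHTML)) {
    throw new TypeError("This document requires 'TrustedHTML' assignment");
  }
  element.innerHTML = String(value);
  return element.innerHTML;
}

// Policy whose rule proves safety by HTML-escaping untrusted text.
const escapePolicy = createPolicy("escape", {
  createHTML: (s) => s.replace(/[&<>"']/g, (c) =>
    ({ "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" })[c]),
});

// Constructed untrusted input, standing in for e.g. location.hash.
const untrusted = '<img src=x onerror="alert(1)">';

// Both paths against a fake element: the raw string is refused (a violation
// a browser would also report via CSP reporting), the policy output is accepted.
function demo() {
  const el = { innerHTML: "" };
  let violation = false;
  try { assignInnerHTML(el, untrusted); } catch (e) { violation = true; }
  return { violation, rendered: assignInnerHTML(el, escapePolicy.createHTML(untrusted)) };
}
```

In a real deployment the same split applies: the CSP directive turns on enforcement, and the audit work is finding every plain-string assignment to a sink and routing it through a policy.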

Bjarki Ágúst Guðmundsson

Bjarki has a strong technical background in computer science, having started developing websites at an early age. He holds an M.Sc. in Computer Science and a B.Sc. in Discrete Mathematics from Reykjavík University, with a short academic career resulting in several peer-reviewed publications and talks at international conferences, in both Computer Science and Mathematics. Bjarki previously worked as an information security consultant, performing everything from application assessments to real-world attack simulations. At Google, Bjarki carries out security hardening of application frameworks and develops inherently secure APIs and the compiler guards that guide developers to those APIs.

Don't miss your chance to see Bjarki Ágúst Guðmundsson and many other inspiring speakers at Remixed '22.

Register for Remixed '22–it's Free

Remixed '22 is free. Just complete this form and you'll be all set to go in January 2022. And why not follow us on Twitter?


