Why Haven’t We Stamped Out SQL Injection and XSS Yet?

  • Friday, March 1, 2013 | 10:20 AM – 11:20 AM | Room: Room 132

Everyone knows about SQL injection and XSS, so why do developers continue to write code with these defects? We’ve performed a study of millions of lines of Java code to understand what leads developers to use unsafe coding practices. We unveil a new open source security escaping library and new coding patterns developers can use to mitigate defects with minimal disruption to their code.

This document was retrieved from http://www.rsaconference.com/events/us13/agenda/sessions/114/why-havent-we-stamped-out-sql-injection-and-xss on Wed, 22 Oct 2014 20:37:48 -0400.
© 2014 EMC Corporation. All rights reserved.