The State of Application Security 2023 • Sebastian Brandes • GOTO 2023
This presentation was recorded at GOTO Copenhagen 2023. #GOTOcon #GOTOcph
Sebastian Brandes - Co-founder of HeyHack
ORIGINAL TALK TITLE
The State of Application Security 2023: Learnings from 4 Million Scanned Services
Unveiling the Power of Proactive Cybersecurity Investments
RESOURCES
ABSTRACT
The digital security environment is always evolving, with fresh vulnerabilities surfacing, outdated software being phased out, and shifting security guidelines. Heyhack has conducted extensive global scans, assessing countless vulnerabilities. This discussion presents key vulnerabilities and delves into the actual data Heyhack has gathered worldwide. The aim is to heighten awareness and offer concrete examples of the most prevalent cyber risks today.
The foundation for this discussion is grounded in Heyhack’s comprehensive study on 4 million public-facing web services across the globe. This extensive research not only highlights the scale of their investigation but also underscores the significance of the vulnerabilities they’ve uncovered. This vast dataset offers a detailed snapshot of the current online security landscape, and it serves as a pivotal reference throughout the talk. [...]
TIMECODES
00:00 Intro
02:48 Agenda
05:04 2011 study
06:10 Results from Heyhack’s global AppSec study 2023
11:18 2023 study overview
11:43 File leaks
13:44 Dangling DNS records
15:09 Dangling Records demo
17:13 Dangling DNS records continued
18:42 Vulnerable FTP servers
19:40 ProFTP demo
21:27 Cross-site scripting
22:30 Cross-site scripting demo
31:02 Case study: Fortnite
36:08 WAF: Web Application Firewalls
40:09 Learnings
40:49 Proactive investments
42:01 Takeaways
44:28 Outro
Download slides and read the full abstract here:
RECOMMENDED BOOKS
Liz Rice • Container Security •
Liz Rice • Kubernetes Security •
Aaron Parecki • OAuth 2.0 Simplified •
Aaron Parecki • OAuth 2.0 Servers •
Aaron Parecki • The Little Book of OAuth 2.0 RFCs •
Erdal Ozkaya • Cybersecurity: The Beginner’s Guide •
#ApplicationSecurity #Cybersecurity #Security #OWASP #GlobalAppSecStudy #AppSec #Heyhack #CrosssiteScripting #ProFTP #FileLeaks #CVEExploits #BrowserExploitationFramework #FortniteHacked #WAF #WebApplicationFirewall #SebastianBrandes