How to Protect Against Top Web Security Issues with Citrix NetScaler
DESCRIPTION
This session will cover some of the industry-standard OWASP Top 10, a list describing the most prevalent security attacks on production environments. We will cover the Citrix NetScaler appliance and its role in shutting down these common vulnerabilities, and how to effectively do so through the use of the Application Firewall and protection features.
What you will learn
- How to protect against security attacks with Application Firewall
- How to reinforce your environment through NetScaler protection features
- How to simulate a vulnerable web server environment for testing
TRANSCRIPT
How to Protect Against Top Web Security Issues With Citrix NetScaler
Andrew Sandford & Lucas Araujo
Support Readiness Team
Citrix Support Webinar
July 29 & 30, 2014
© 2014 Citrix. Confidential.
OWASP
www.owasp.org
Top Web Application Security Vulnerabilities
The world’s most advanced cloud networking platform
#1 Injection
Injection Preventions
Signatures
#2 Authentication/Session Management
AAA
Cookie Protections
SSL/TLS
#3 Cross-Site Scripting
XSS Preventions
Signatures
#4 Insecure Direct Object References
#5 Security Misconfiguration
#6 Sensitive Data Exposure
#7 Missing Function Level Access Control
#8 Cross-site Request Forgery (CSRF)
#9 Using vulnerable components
#10 Unvalidated Redirects and Forwards
Fuel your talent with continuous learning.
Citrix Education offers the following technical training for Networking professionals:
CNS-205: Citrix NetScaler 10 Essentials and Networking
CPE-350: Citrix NetScaler 10 Essentials and Networking Practice Exam
CNS-301: Citrix NetScaler 10 Advanced Implementation
Visit (bit.ly/05Webinar) to save 10% off through August 30*
*Not valid with any other promotions, packages, discounts or practice exams. Applies only to new purchases. Regional limitations may apply.
93% of Citrix Education students became more effective in their role after attending a course.
TVID: CFB-61B-A26
Simplify your journey, let us guide you.
Accelerate your implementation and minimize risk by taking advantage of Citrix Consulting. You’ll get the expertise of certified Citrix Consulting Architects to successfully deploy Citrix solutions in any phase of your project.
Visit bit.ly/CTXConsulting to learn more about our proven methodology.
WORK BETTER. LIVE BETTER.