Web Security w/ Scott Gerlach

<p>Scott Gerlach discusses what Web Security means and how to automate API security vulnerability discovery through his DAST platform, StackHawk.</p> <ul> <li>Homebrewing: API by day; IPA by night 😜</li> <li>What does web security even mean for the front-end web developer? &nbsp;How much responsibility do we have in ensuring security? &nbsp;CSP? &nbsp;What about NPM packages we don't maintain?</li> <li>How do large businesses deal with security breaches? &nbsp;How much should we prioritize web security teams, especially when budgeting is thin? &nbsp;What about small teams and startups?</li> <li>What does DAST offer that SCA (static code analysis) doesn't? &nbsp;Why opt for DAST if we already have useful tools to perform SCA testing?</li> </ul>