December 4-6, 2017
Vancouver, Canada

Bypassing Modern XSS Protections

In modern web environment, there is plenty of XSS protection mechanisms. Web browsers (Chrome, Internet Explorer, Edge) are providing client-side filtering for XSS to defend their users. What are the limitations of each? Frameworks are also adding proactive mechanisms. Can we rely on them?
There will be no 0-day bypass for web browser bypass.

View all 87 sessions

Philippe Arteau

ServiceNow

Philippe is a security engineer at ServiceNow. He has an interest in software development, penetration testing and security code review. He also maintains Find Security Bugs, the open-source Java static analysis tool.
He discovered significant vulnerabilities in several popular applications like Google Chrome, DropBox, Runkeeper, Jira and more. He has presented at various conferences including Black Hat Arsenal, SecTor, AppSec USA, ATLSecCon, 44CON and JavaOne.

Read More

Vancouver 2017 sponsored by