Vulnerabilities are a fact of life. Regardless of how skilled a developer is or how mature an organizations' security posture, vulnerabilities will occur. In this session, HackerOne will present data on the most common critical vulnerabilities based on data from over 1,400 bug bounty and vulnerability disclosure programs. Attendees will discover common weaknesses that they won’t find on the OWASP top ten — such as Violation of Secure Design Principles, Information Disclosure, Denial of Service, Cryptographic Issues and more — and how attackers could exploit these prevalent vulnerabilities. Whether you run an active security program or if your security@ email address is routed to /dev/null, this session topic will arm attendees with insights into the most common security weaknesses to better defend against them — both in development ecosystems and post-launch.
