david-mcgeough
DESCRIPTION
This session will cover how Worx Home user authentication and communication flow works and what tools can be used for troubleshooting common authentication issues.

What you will learn:
- XenMobile Enterprise authentication flow
- How Single Sign-on works between NetScaler Gateway and App Controller
- How "Step up" authentication works for WorxMail and WorxWeb
© 2014 Citrix. Confidential.
TechEdge 2014
How to protect against Top Web Security Issues with NetScaler
OWASP (www.owasp.org)
Top Web Application Security Vulnerabilities
The world’s most advanced cloud networking platform
#1 Injection
Injection Preventions
Signatures
#2 Authentication/Session Management
AAA
Cookie Protections
SSL/TLS
#3 Cross-Site Scripting
XSS Preventions
Signatures
#4 Insecure Direct Object References
#5 Security Misconfiguration
#6 Sensitive Data Exposure
#7 Missing Function Level Access Control
#8 Cross-site Request Forgery (CSRF)
#9 Using vulnerable components
#10 Unvalidated Redirects and Forwards
Feedback
Please tweet about this session
#SYN607 and #CitrixSynergy
Andrew @NStipster
Lucas @NS_Informer
NetScaler @netscaler
WORK BETTER. LIVE BETTER.