Abstract
Web application attacks are growing at rapid rate in last 5 years. Many innovative ways of breaking system have come into existence. Web Applications are even more vulnerable since they cannot be protected by Firewalls and become easy prey for attackers. Next generation web application attacks have arrived and are here to stay. These attacks are targeted towards vulnerable and poorly written web applications. Web application defense strategies require secure coding at application level, knowing your application and protecting them by human intelligence. Knowing your application can lead to profiling your web assets in logical way. Profiling web assets provides better picture of various possible attacks set. Knowing entire attack set greatly helps in designing and implementing defense strategies. This presentation will cover attacks in depth with live demonstration and tools. Several new techniques of defense will be exposed to audience as part of “Art of defenseâ€.