Eliminating Bug Classes at Scale: Leveraging Browser Features for Proactive Defense
Event description
Level of Instruction: Beginner
Instructed by: Javan Rasokat
Abstract:
Traditional patching has failed to scale - it’s time for a new approach. This hands-on workshop teaches you to eliminate entire bug classes with modern browser security features instead of endlessly reacting to reports. Rather than firefighting the same issues, you’ll learn how Content-Security-Policy v3, Trusted Types, and Sec-Fetch-Metadata go beyond traditional OWASP recommendations to prevent vulnerabilities at scale.
You’ll work with a training app that’s already secured, but we’ll go further. By applying advanced browser defenses, testing effectiveness, and enforcing security at scale, you’ll experience firsthand how modern web standards protect both new and legacy systems.
This isn’t just about fixing issues - it’s about scaling security across an organization. We’ll explore measuring adoption across hundreds of services, automating enforcement, and applying defense-in-depth beyond single vulnerabilities.
Through interactive group challenges, you’ll tackle real-world vulnerabilities, enforce modern safeguards, and transform how you approach web security. Whether you’re a developer, security engineer, or architect, you’ll leave with practical tools and a proactive security mindset - moving from patching to prevention.