Securing web applications for system administrators

A presentation covering common attack methods and how to secure web applications when altering the code is not an option.

The ever-growing pool of neglected web applications is a breeding ground for malicious activity on the web, and is a concern for web hosting providers whose customers tend to leave no time for security updates after updating their blogs, forums or CMS sites. This talk will cover some basic information on 3 common attack methods, as well as 3 easy ways system administrators can address each type of threat, and some other details regarding security best practices. Attack: XSS, SQL injection and insecure upload forms. Defense: mod_security, IDS/IPS (snort/snortsam), and file system monitoring.

Speaker: Robert Rowley