BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Dress Code - Analysis of the current status of the C
 ontent\n   Security Policy\n   When: Saturday\, Aug 12\, 13:30 - 14:15 PDT
 \n   Where: Flamingo - Savoy - AppSec Village - Main Stage - [1]Map\n\n   
 SpeakerBio:Felipe Molina\n   Felipe Molina is a Spaniard hacker working in
  the SensePost Team at\n   Orange Cyberdefense. He loves Andalusia\, to ha
 ck\, drink beer\, barbecue\n   with family and friends\, deep diving into 
 new software to find cool\n   vulnerabilities.\n   Twitter: [2]@felmoltor\
 n\n   Description:\n   Content Security Policy (CSP) has been in support b
 y most modern\n   browsers for a while now. The RFC of the first version w
 as released in\n   2014. Almost 10 years later\, and with version 3 recent
 ly released\, a\n   far-reaching study of CSP deployment across the Intern
 et was due.\n\n   The top one million most popular sites were scanned and 
 their CSP\n   related headers were stored. The values of the CSP headers w
 ere\n   analysed to answer several questions. How popular is this security
 \n   measure nowadays. What are common pitfalls and misconfigurations\n   
 within CSP headers. How often do sites enable reporting of violations\n   
 to take a more proactive approach? Do sites blindly trust third\n   partie
 s such as content delivery networks and how can this trust be\n   abused.\
 n\n   This talk will cover the results of the analysis against real world\
 n   data and answer the previous questions. Additionally\, it will present
 \n   practical exploitation examples and provide with effective hardening\
 n   and mitigation to the detected weaknesses.\n\n   '\n\n   1. #FlamingoT
 hirdFloor\n   2. http://twitter.com/felmoltor\n\n\n
DTEND:20230812T211500Z
DTSTART:20230812T203000Z
LOCATION:APV - Flamingo - Savoy - AppSec Village - Main Stage
SUMMARY:Dress Code - Analysis of the current status of the Content Security
  Policy
END:VEVENT
END:VCALENDAR