Web Application Security and modern frameworks

Kim Leppänen

Leif Åstrand

"Do you know what CSRF is? Or what direct object reference vulnerability means? If not, then your application might have a serious security vulnerability.

Frameworks like GWT and Vaadin take care of some aspects of information security on the developers' behalf, whereas other aspects are still up to the developer to get right. This presentation walks through the OWASP Top 10 list of typical security flaws and investigates how they relate to applications developed using GWT or Vaadin. The goal of the presentation is to show how a mature framework can improve security and to make developers aware of aspects that they still need to handle themselves. The talk will give you insights regarding your own web application security regardless of whether you are using GWT, Vaadin or any other framework. Beginner or Intermediate level."