Explore NOSQL web application vulnerabilities and mitigation strategies in this 30-minute conference talk from OWASP Global AppSec Tel Aviv. Delve into the world of NOSQL data storage systems, examining their popularity due to scalability and ease of use. Learn about injection methods, CSRF vulnerabilities, and effective mitigation solutions. Discover why NOSQL's optional approach to authentication, encryption, and role management leaves it vulnerable to DOS, DDOS, and more impactful injection attacks. Benefit from the expertise of Amir Luckach, an experienced technical manager and Endpoint security team leader at CyberArk, as he shares insights gained from over 19 years of hands-on experience in various roles across development, team leading, project management, system engineering/architecture, and research.