When you think about securing a Grails application, you probably think of the Spring Security and Shiro plugins. But these plugins only control access to your pages and objects – what about guarding agains cross-site scripting (XSS), cross-site request forgery (CSRF) and SQL injection attacks. The OWASP project maintains a list of the top 10 web application security risks. In this talk we’ll look at these risks and what libraries and plugins are available to make your applications resistant to these types of attacks.
Video source: http://greach.es/sessions-2013/burt-beckwith-securing-grails-applications