Security SIG: The Front Door is Unlocked – Advanced Website Security Schemes

Registration prices: $20.00 / $0.00

Description

    Topic: The Front Door is Unlocked – Advanced Website Security Schemes are often still vulnerable to Simple Attacks

    Many experts still mistakenly believe that it requires elite, ninja-level hacking skills to wreak havoc and Make Money Fast on public websites.  As the enterprise wraps itself in traditional web security blankets – “managing risk” with high-priced consultants and automated scanners and code reviews – hackers are constantly changing their attack strategies and tactics, pushing the envelope of what’s possible in the ever-changing Web security landscape.

    In this presentation Arian will discuss how many corporate websites have misguided testing practices, inaccurate perceptions of the strategies and skill sets of potential hackers, and holes in their asset risk-management strategies. Rather than focusing on syntax attacks requiring programming skills, like Cross-Site Scripting and SQL Injection, Arian will show how attackers find and exploit vulnerabilities for monetary gain using only a web browser and basic analytic skills. This session dispels the illusion of "shallow scanning security" à la PCI and compliance-minded application security agendas. Arian will also provide steps and tactics the audience can use to re-evaluate their website security posture and mitigate these unseen, hard-to-detect risks.
     
    Speaker Bio:
     

    Arian Evans currently holds the position of director of operations at WhiteHat in Santa Clara, where his team specializes in application, code, and software security with an emphasis on the current threatscape. In the past he bootstrapped the application security practice at FishNet Security and is internationally published & recognized for research in the field of software security. Arian has presented at international conferences including OWASP London & DC, BlackHat Amsterdam & Vegas, and NIST, and was an initial Project Leader of the OWASP Testing Taxonomy & Testing Tools projects (http://www.owasp.org).
     

    Location
    Cubberley Community Center
    4000 Middlefield Road, Room H-1
    Palo Alto, CA