Securing Against Web Application Attacks - May 30, 2007
Location: Health Sciences Building, 155 College St., AuditoriumTechnical Level: Highly Technical
Speaker: Nish Bhalla and Rohit Sethi, Security CompassWeb application security continues to be one of the most pressing issues facing enterprises today. While many security experts understand the need for application threat modeling, few have actually implemented them successfully in practice. In their talk to TASK, Nish Bhalla and Rohit Sethi of Security Compass will demonstrate a variety of web applications attacks and present a threat model that can be used to mitigate against those attacks. The presenters bring practical lessons learned from performing penetration testing, source code review, and threat modeling at a variety of clients. Attacks and defenses presented include:
- SQL Injection
- XSS
- XML attacks
Source: task