Wednesday 19 October 2011

Webinar on 'How to Break Web Software Security'

Tomorrow (20th October) I'm delivering a Webinar on the topic of 'How to Break Web Software Security' which will cover a number of Application Security vulnerabilities (and live demos)

You can read more details about this webinar and register here


Webinar abstract:
More than 80% of attacks happen at the application layer and network security isn't the answer. To compound the problem, Web applications employ specialized protocols and languages and suffer from unique problems that very quickly and easily lead to vulnerabilities for the uninformed.

This Webcast will describe and present techniques for breaking (from a security standpoint) web applications and learn methods of mitigation. This talk covers all of the basics (SQL injection, XSS, etc.) but goes beyond that to more advanced and sinister attacks.

Topics Covered:
  • Why the web is different and what this means to testing
  • Dangers of web services
  • How to think about security vulnerabilities in web applications
  • Techniques for information gathering, client-side attacks, state attacks, data attacks, language attacks, server attacks, authentication attacks