Demonstrating the Top 10 Web Application Hack Attacks

Duration: 60 minutes
Topic: Demonstrating the Top 10 Web Application Hack Attacks

Moderator: Ron Condon, Infosecurity Magazine
Panelist: Danny Allan, director of security research, Watchfire
Panelist: Alan Paller, director of research, SANS Institute
Panelist: Robert Hansen, chief executive, SecTheory, and author
Panelist: Dr John I Meakin, Group Head of Information Security, Standard Chartered Bank

Description:
While developers labour to build next-generation applications, hackers have evolved and are working to create new and sophisticated techniques to break through current security measures and snatch valuable data found within Web applications.

Are you vulnerable?

The OWASP (Open Web Application Security Project) Top Ten was created to help organizations and government agencies focus on the most serious web application security vulnerabilities. Adopting a process to monitor for, identify and remediate these ‘Top Ten’ flaws is the most effective first step towards ensuring the security of your web applications.

This Webinar will:
- Examine new and emerging hack attacks
- Provide a demonstration and informative discussion of the Top 10 web application attacks and their consequences
- Offer proven strategies for defending against these attacks, such as Cross-Site Scripting (XSS) Flaws, parameter tampering, cookie poisoning, and SQL injection

Speaker Biographies:
Danny Allan
Director of Security Research
Watchfire
Danny Allan is Director of Security Research with Waltham-based Watchfire, a provider of software and service to help ensure the security and compliance of websites.
Danny joined Watchfire in 2000 bringing with him several years of business and technology-related experience including penetration testing and internal system remediation for one of Canada's biggest universities. In his role as a security researcher he is closely involved with enterprise global customer deployments, researching and evaluating technologies and helping define and recommend strategic directions for Watchfire’s security solutions.
In his seven years with Watchfire, Danny has held several critical customer-facing positions, including Team Lead, Consulting Services and Sales Engineer. Danny has published several whitepapers and articles and participates in industry working groups. He has also spoken at security events and is often called upon by key media including Associated Press, Bloomberg and the Wall Street Journal for his opinions regarding web application security.
Danny holds a Bachelor of Commerce with a major in Information Systems from Carleton University.
Dr John I Meakin
Group Head of Information Security
Standard Chartered Bank
John Meakin is a specialist in information systems security with more than eighteen years' experience. He has previously been responsible for leading systems security policy and strategy in Reuters, the Royal Bank of Scotland, Swiss Bank Corporation, and the investment-banking arm of Dresdner Bank, where he led teams providing a full range of IT Security services.
Since mid-2002 he has led a global Information Security team at Standard Chartered Bank as Group Head of Information Security. Here he is applying his experience to the new challenges posed by such a geographically and culturally diverse business. He has also provided information security consultancy support to a number of blue chip clients aimed at improving their systems security and effectiveness.
John has a particular interest in better modeling and managing the costs and benefits of security to the business, as well as in shifting the emphasis of commercial security efforts into dynamic management and monitoring rather than static prevention.
He has a PhD in Experimental Solid State Physics from Cambridge University, plays football regularly and builds computers in his spare time. He speaks regularly at conferences and public forums on a variety of topics.