Premiered: Available On Demand
Format: Multimedia
Type: Webcast
Language: English

To access webcasts you must:
- Have RealPlayer or Windows Media Player installed
- Disable pop-up blockers
- Disable firewalls that restrict streaming media/audio transport
- Enable JavaScript and cookies (required in some cases to complete registration)
For further assistance, please contact webcasthelp@techtarget.com

ABSTRACT:
We always hear about how attackers can break into your organization through the website because it is far easier than trying to circumvent network defenses. Attackers will leverage critical vulnerabilities like SQL Injection (SQLi) and Cross-Site Scripting (XSS) to steal personal, financial, or customer data while compromising your internal systems.
However, besides XSS and SQLi there are a number of fairly basic, well-known, and easy-to-exploit vulnerabilities that plague many web applications even today. Client-side pricing, Google Hacking, trivial data leakage, and account hijacking can hurt an organization just as badly as XSS or SQLi.
If you are involved in building, testing or securing a web site or web application that includes user accounts, shopping cart functionality, or that stores personal or financial information, this webinar is for you. You will learn about the easy ways hackers hack into applications like yours.
In this webinar, participants will learn:
- The basics of client-side pricing attacks, Google hacking, trivial data leakage, and account hijacking
- Why these lesser known hacks can be extremely damaging to an organization
- Why these hacks are so easy for hackers
- Simple things you can do in your applications to protect against these attacks
Speaker
Billy Hoffman
HP Web Security Research Group, HP Software
Billy Hoffman is the manager of HP's Web Security Research Group. Prior to his role at HP, Billy was a lead security researcher for SPI Dynamics, which was acquired by HP in August 2007. Billy focuses on automated discovery of Web application vulnerabilities and crawling technologies. He has been a guest speaker at AJAX World, Black Hat, Black Hat Federal, Toorcon, Shmoocon, O'Reilly's Emerging Technology Conference, The 5th Hope, and several other conferences. His work has been featured in Wired, Make magazine, Slashdot, G4TechTV, and in various other journals and Web sites. Topics have included reverse engineering law and techniques, ATMs, XM Radio and magstripe projects. In addition, Billy is a reviewer of white papers for the Web Application Security Consortium (WASC), and is a creator of Stripe Snoop, a suite of research tools that captures, modifies, validates, generates, analyzes, and shares data from magstripes. He also spends his time contributing to OSS projects, writes articles under the handle Acidus, and recently co-authored a book on AJAX Security, released late in 2007, for publisher Addison Wesley Professional.
sponsored by Hewlett-Packard Company