1. InfoconDB
  2. DerbyCon
  3. DerbyCon 7.0 Legacy (2017)
  4. Web Application testing - approach and cheating to win

Web Application testing - approach and cheating to win

Presented at DerbyCon 7.0 Legacy (2017), Sept. 23, 2017, 3 p.m. (50 minutes)

As security professionals we are often called upon to assess the security of web delivered applications and/or services. Not all of us have either experience or a methodology for responding to this type of assessment request. Web based applications and services are the key technologies behind modern service delivery. And their security, or lack thereof, can make or break a company. We will lay out an approach to follow including tools to help with the assessment throughout each step of the process. We will discuss free and commercial products that can assist the assessment process. The user will leave with information they can take back to their home organization to serve as a foundation for either an ad-hoc or ongoing capability. "Jim McMurry is an accomplished Technologist with an entrepreneurial mindset with over 23 years of combined experience in Security, Information Technology, Telecommunication, Networking, Management and Software development. Jim's varied experience in network security, military projects, IT and high-tech arenas, with startups through Fortune 1000 companies, provides him with a unique set of tools as he grows Milton Security. He volunteers for numerous charities, and supports Veterans through the Milton Veteran Hiring program. Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory with over 25 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He currently leads LLNL’s Entrust team and is the CSP lead for new technology adoption specializing in mobility. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, CISSP, CISA, CISM and CRISC. He is also the Technology Director for the ISC2 Eastbay Chapter. Chelle Clements has been associated with computer science and cyber security for over 20 years. She has an AAS in Environmental Science from Northern Virginia Community College, and a BS and an MS in Information Systems Management from University of San Francisco. She is an Army Veteran, one of the first women in the Corps of Engineers (she has some great stories!). She spent 30-years at Lawrence Livermore National Lab as a researcher in three different fields (chemistry, physics and computer science) and also as a community outreach volunteer. She currently supports several Veteran causes with pro bono web development (such as East Bay Stand Down) and serves on her city’s art commission." Jim - @jmcmurry Lee - @lelandneely

Presenters:

Links:

Similar Presentations: