DF-2011 How to build an effective malware protection architecture for file uploads in modern web apps

Presented at Texas Cyber Summit 2019, Oct. 10, 2019, 2:15 p.m. (60 minutes).

Web applications have traditionally accepted file uploaded via web portals, which had bot prevention controls to avoid bots uploading files vs user. With the boom of API economy, more and more applications have started accepting files over API, this allows uploading of file a programmatic approach available for good bots and vector for allowing numerous file uploads during a day. This convenience, also comes with security shortcomings - for example, files cannot be analysed manually for potential malware since the number is huge, there could be synchronous processing needed as business functionality in web app. This talk will look at a novel approach to build and operate a practical automated malware analysis platform and considerations for it to scale at enterprise level maintaining heavy performance needs of web apps, to effectively detect and discard malicious file uploads in web app.


Presenters:

  • Ravi K Muthukrishnan - Visa Inc.
    Ravi is a technologist, and a security expert specializing in web application security, cloud security, data protection, risk management, and cybersecurity.He has 8+ years of global work experience in the cybersecurity industry. He is currently leading security architecture for Visa web applications, previously worked in CTO office at IBM Security, and few e-commerce companies. He is a master innovator with 30+ patents filed primarily in information security and payment security fields. He holds a Masters in Computer Science from North Carolina State University, has been an active member in security communities and speaker at top cybersecurity industry conference like RSA, ISMG and others. He is passionate about embedding security in agile SDLC stages and solving problems intersecting security, usability & innovation.

Links:

Similar Presentations: