Security for the web professional

Start time: 2012-07-14T10:00:00-0600
(7/14 10am, Canyon Building - room 123 - Cisco networking room)

LOOKING FOR SOMEONE TO SPONSOR LUNCH FOR HOARDS OF HUNGRY GEEKS

Join us in a hands on discussion about current trends in web attacks and exploitation. We’ll have group discussions about different subjects followed up by hands on exercises.

Here is a list of subjects up for discussion. I’m still fine tuning the list to what we can fit in ~5 hours.

Overviews of the HTTP protocol The attack surface of a web application Reconnaissance (open source intelligence) Attacks in action - Injection attacks - XSS - CSRF - Login weaknesseses - Session weaknesses - Abusing user input - Attacking Web 2.0 - Scripting (automate what you can) - Attacking the client

I know we won’t have time to cover the above list in a five hour period with labs, but we’ll spend the time covering as much as we can. Then we can set a time to meet again.

For those of you not local, but are interested, let us know as we are trying to put together a remote option as well.

Dino