Testing is the phase of development that is often reduced due to deadlines, but it is also an important line of defense we can use to secure our applications. This talk exposes the audience to useful open source testing tools that will look for commonly found vulnerabilities. Also discussed are techniques that can be used to find sensitive data stored on the client (no matter if the app is web, client/server, or mainframe) and some easy tests that may expose some OWASP Top Ten vulnerabilities.
In this prezo, you will learn the following key items:
· Useful automated tools
· Looking for sensitive data on the client
· Easy tests for finding OWASP Top Ten vulnerabilities
WHO: Kevin Poniatowski
Kevin travels the world in his role as a Senior Trainer for Safelight Security, teaching employees at an array of organizations about information security.
He has delivered application security presentations to technical and non-technical staff in numerous civic organizations. He has also published an article in the Microsoft Developers Network on the topic of Testing for Cross-Site Request Forgery.
Kevin entered the information security field with Security Innovation, where he split time between course development and delivering instructor-led courses. He began his career working for more than a decade as an application developer in the defense industry, where he focused on flight safety for pilots and navigators within the armed forces.
Kevin earned a B.A. degree in Economics from the University of Michigan and a B.S. degree in Computer Science from Florida State University.