Special OWASP-CSA Joint Meeting 3-11-2015

Join OWASP today and become a part of our community! (https://myowasp.force.com/MemberAppstep1?region=North+America)

Speaker: Jerry Hoff, VP of the Static Code Analysis Division at WhiteHat Security

Topic: Web Attacks at Scale in 2015 (Alternative Title: Web Security Bootcamp)

Abstract: This talk is an attacker-centric presentation demonstrating how modern pen-testing tools such as OWASP Zap, Browser Exploitation Framework (BeEF) and sqlmap can be used to automate web attacks at scale. Reenactments of some of the most publicized attacks in recent history will be conducted to ensure participants understand and absorb how these attacks are taking place. Full exploits using these tools and more will be demonstrated, and a discussion of solutions will follow.

Bio: Jerry Hoff is the Principal Security Strategist at WhiteHat Security. Prior to WhiteHat Security, Jerry co-founded Infrared Security, a specialist in application security and next-generation static analysis technologies. His work experience also includes a number of financial firms including Morgan Stanley Asia where he was on the global Security Architecture team based out of Hong Kong. He has more than a decade of experience in application security consulting, and has taught at Washington University’s CAIT program delivering security and development classes for thousands of developers. Jerry is a frequent speaker at numerous security events around the globe, and is a regular OWASP contributor, where he leads up the OWASP Application Tutorial Series and WebGoat.NET. Jerry holds a Master's degree in Computer Science from Washington University in St. Louis.
Thanks to our sponsor WhiteHat Security! (https://whitehatsec.com/)