addressalign-toparrow-leftarrow-rightbackbellblockcalendarcameraccwchatcheckchevron-downchevron-leftchevron-rightchevron-small-downchevron-small-leftchevron-small-rightchevron-small-upchevron-upcircle-with-checkcircle-with-crosscircle-with-pluscrossdots-three-verticaleditemptyheartexporteye-with-lineeyefacebookfolderfullheartglobegmailgoogleimageimagesinstagramlinklocation-pinmagnifying-glassmailminusmoremuplabelShape 3 + Rectangle 1outlookpersonplusprice-ribbonImported LayersImported LayersImported Layersshieldstartickettrashtriangle-downtriangle-uptwitteruseryahoo

OWASP Orange County - July Meeting

Session Title: CMS Hacking 101

Session Description:
With the rise of blogs, forums, online magazines, e-commerce, and corporate websites, many organizations are turning to Content Management Systems (CMS), such as Joomla or SharePoint, to create rich websites. CMSs simplify website delivery – but they also expose your organization to a new set of vulnerabilities. Join Mike Sanders, Imperva Sr. Security Engineer, to see how malicious hackers exploit vulnerabilities found in popular Content Management Systems to systematically identify and attack unsuspecting organizations. This presentation explores:
What a CMS-based site is and examples of recent CMS originated hacks
Trends in automated CMS hacking
How to secure your website against vulnerabilities found in CMS systems

Speaker Bio:
Michael Sanders is a Senior Security Engineer with over 15 years experience specializing in security, infrastructure, systems and integration. He is a subject matter expert (SME) in perimeter security, application layer protection, wireless networking, bandwidth management, and intrusion prevention. His broad background spans multiple disciplines including: project management, systems integration, incident response, business continuity, content filtering, cryptography, telecommunications, and access control.

Join or login to comment.

  • Dane

    Great talk, super practical.

    July 25, 2014

  • Korben D.

    Really wanted to make this meeting, but the power went out at our office in Irvine. Spent the evening recovering the environment.

    July 25, 2014

  • Adam R.

    Great turnout tonight, great presentation. Hope to see everyone at our upcoming events.

    Did anyone leave pair of sunglasses at the venue tonight? Give me a brief description of the ones you left behind and if they match what I picked up....they are yours.

    1 · July 24, 2014

  • Jignesh B.

    Would Michael be also demoing any of the popular exploits. Also would love if Michael can talk a bit about the immense # of false positives resulting out of deploying these perimeters devices like WAF / IPS / IDS, etc.

    July 21, 2014

  • Geoff

    Sounds awesome!! Looking forward to it!

    July 17, 2014

  • Kandi R.

    THE PROGRAM SOUNDS MOST ENLIGHTENING. I WON'T BE ABLE TO ATTEND BECAUSE THE TRIP TO CALIFORNIA HAS BEEN CANCELLED. HOW CAN THE HACKERS, ETC BE STOPPED THAT INFILTRATE FROM ENGLAND AND AFRICA? THEY NOT ONLY ATTACK ORGANIZATIONS BUT ALSO PRIVATE CITIZENS? AND WHEN ONE TURNS THEM IN TO "AUTHORITIES" NOTHING CAN BE DONE BECAUSE "THEY ARE SO FAR AWAY IN OTHER COUNTRIES".

    1 · July 8, 2014

42 went

Our Sponsors

People in this
Meetup are also in:

Sign up

Meetup members, Log in

By clicking "Sign up" or "Sign up using Facebook", you confirm that you accept our Terms of Service & Privacy Policy