How To Get Your Site Hacked with Michael Kubiaczyk
Details
The proof that secure programming does not have to be boring programming can be found in the talks by Michael from Secura. As a security expert, he tells about his experience with plenty of real life examples, making abstract security threats tangible and helping us to counteract them.
# Web Application Security Testing
You have probably heard of Cross-Site Scripting and SQL Injection, maybe Phishing - or even all of the OWASP Top 10. But where do these vulnerabilities come from? How are they found by hackers, and how are they created by developers? In this session, we will discuss many of common web application security vulnerabilities, typical development mistakes leading to these issues, and how to use standard tools (such as Burp Suite Proxy) to find them before it's too late!
# Red-Teaming — What and How?
Red Teaming is an exercise used by many of the most security-conscious and advanced enterprises, but what is the point? We will provide a brief introduction to many of the tools and goals of red teaming exercises, providing you with a basic toolkit with which your overall security posture can be tested. Afterwards, we will walk through an actual assignment which was executed by Secura, in which a developer laptop was obtained, compromised, and then used as a stepping stone into an organisation's network to get to the Crown Jewels!
# About Michael
Michael has been working in the security industry for over 11 years, focusing on web application penetration testing and code review mostly within the financial sector. His experience includes working directly for international organisations in Canada, Ireland, The Netherlands, and Australia, as well as working for consulting firms and delivering security advice to small and medium sized organisations on a variety of topics. Michael is currently working for Secura (formerly known as Madison-Gurkha), delivering consulting service to a variety of leading organisations within the financial, government, and education sectors.
# Program
13 December 2018
17:30 Doors open and registration
18:00 Food
18:30 Talk 1
19:30 Break
20:00 Talk 2
21:00 Drinks