OWASP Monthly Meeting - July 23, 2014
Hosted by OWASP Los Angeles
Details
Los Angeles OWASP Chapter Board WINS Best Chapter Leader! (https://www.owasp.org/index.php/WASPY_Awards_2013)
Join OWASP today and become a member of our community. (https://myowasp.force.com/MemberAppstep1?region=North+America)
Presentation and Demo: Aviator Secure Browser
The tradeoffs required to make a secure browser are often largely poorly understood even amongst the best of security people. It makes sense since so few people actually work on browsers. There is little knowledge about what it requires to make a browser safe enough to use when viewing hostile websites - against all known adversaries. In this presentation we will cover how browsers are critically insecure, how they can be made to be secure, and what consumers forfeit in order to gain that extra level of security. Lastly, the presentation will cover how to think about tradeoffs and what customers can live without.
Speaker: Nick Schilbe, Director, Solutions Architecture, WhiteHat Security
Nick Schilbe is currently the Sr. Director of Solutions Architecture at WhiteHat Security. Nick began his career at WhiteHat as a security engineer who verified vulnerability data, managed services for his customers, and provided manual penetration testing on over 500 web applications. He eventually became the Manager of the Threat Research Center where he developed, refined, and implemented new processes and workflows for the WhiteHat Sentinel family of website risk management solutions. His WhiteHat Security Engineering team provided service to more than 6000 web applications – primarily production e-commerce, financial services, and healthcare websites, including those owned by many Fortune 500 companies. Afterwards he created the Research & Development division which focused on improving the Sentinel testing methodology, researching new types of attack techniques, responding to zero day issues, and making the overall assessment process more efficient.
Thanks to our Sponsor: WhiteHat Security (http://whitehatsecurity.com)
