Google Tech Talks: How To Break Web Software - A look at security vulnerabilities in web software

Posted in Conferences, Companies, Project Management, Testing on November 22, 2006


Google Tech Talks: How To Break Web Software - A look at security vulnerabilities in web software

It all started out as a place to share physics documents, but has grown into potentially mankind's largest and most complex creation. The World Wide Web is a lot of things - a soapbox for everyone, a giant shopping mall, an application platform, and unfortunately a hacker's playground. As more applications get "web-ified" moving from the desktop or legacy systems onto the web, attackers follow the vulnerabilities. Without sophisticated tools or "1337 5x1llz", web applications are now the most attacked technology, with the majority of attacks categorized as "easily exploitable". So, before your application is placed out into one of the most hostile environments, how do you stop your software from being "0wn3d" by the 14 year old in their blacked-out bedroom, or being used by a Russian crime cartel? In this TechTalk, Mike Andrews will look at how web applications are attacked, walk through a testing framework for evaluating the security of an application and take some deep-dives into a few interesting and common vulnerabilities and how they can be exploited.

Google Tech Talks April 13, 2006 Mike Andrews

Bio
Mike Andrews is a senior consultant who specializes in software security and leads the web application security assessments and Ultimate Web Hacking classes for Foundstone.

Watch Video

Tags: Techtalks, Google, Practices, Q&A, Conferences, Google Tech Talks, exploit, Companies