LONDON (13 December 2011) -Trustwave, a leading provider of information security and compliance solutions, today announced that its cyber security experts will speak at Black Hat Abu Dhabi 2011, in Abu Dhabi, United Arab Emirates, 14 through 15 December. The presentation will be delivered by members of Trustwave SpiderLabs, the team of ethical hackers responsible for application security, incident response and forensics, penetration testing and security research.
Ryan Jones, managing consultant, and Thomas Mackenzie, security consultant, for Trustwave SpiderLabs EMEA, will present Stealth Attacks: Detection and Investigation, which will demonstrate techniques that attackers can use to leave minimal traces of intrusion during Web application security breaches, as well as methods that organizations can use to secure against such attacks.
During the interactive presentation, Mackenzie will take on the role of a black hat and will attack a Web application in a number of different manners. Jones, as the investigator, will look for evidence to help determine how the intrusion took place and secure the Web application. In order to thwart Jones' efforts, Mackenzie will be using progressively more stealthy techniques. In one particularly sophisticated example, Mackenzie will demonstrate an attack that leaves no malicious trace in the log files.
By demonstrating that malicious lines aren't always found in log files, organizations need to look at other auditing and security techniques for indication of attack. Mackenzie and Jones will provide information on new techniques that can help secure organizations' Web applications, making them much more difficult for an attacker to breach. This technique draws upon the already existing benefits in technologies available such as Web application firewalls, application-based intrusion detection systems and the ideas that are incorporated into hardened PHP.
"By looking at and creating attacks, much like the ones in this presentation, we are able to analyse what can be done to protect against them," said Brooks Wallace, Trustwave managing director for Europe, Middle East and Africa. "Today we're inundated with data. It's critical to collect and examine the specific data that enables good security decisions to defend against such attacks."
About Trustwave
Trustwave is a leading provider of compliance, Web, application, network and data security solutions delivered through the cloud, managed security services, software and appliances. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its TrustKeeper® portal and other proprietary security solutions. With more than two million businesses enrolled in TrustKeeper, Trustwave has helped organizations, ranging from Fortune 500 businesses and large financial institutions to small and medium-sized businesses, manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices worldwide. For more information, visit Trustwave.