Will you be at the OWASP Foundation's AppSec USA event next week in New York City? If so, be sure to stop by our booth, number one, for a chance to win a Pebble Smartwatch.
And don't miss presentations by some of SpiderLabs' own builders, breakers and/or defenders discussing their own unique insights into application security:
- Monday, November 18 and Tuesday, November 19
- 9 a.m. to 5 p.m.
Web Application Defender's Cookbook: Live—Ryan Barnett
Ryan will host a two-day boot camp session teaching students how to secure their web applications, lock down new web applications once they go into production and recognize the signs of a malicious invader. All students will receive a copy of Ryan's book "Web Application Defender's Cookbook: Battling Hackers and Protecting Users."
- Thursday, November 21
- 10:00 a.m.
PiOSoned POS - A Case Study in iOS-based Mobile Point-of-Sale Gone Wrong—Mike Park
Mike will discuss popular iOS POS apps, describe their security flaws, demonstrate a live hack of some of these applications and explain how these apps can be secured.
- 1:00 p.m.
Hacking Web Server Apps for iOS—Bruno Gonçalves de Oliveira
Bruno will present his research into the vulnerabilities of a number of web server apps, describe the flaws, explain how a phone's file system can be compromised through these apps and perform a live demonstration.
- 2:00 p.m.
Buried by Time, Dust and BeEF—Michele Orru
Michele will discuss using BeEF to inject time delays for blind or non-blind SQL injection through a hooked browser while monitoring response time, present two demonstrations (one using WebWorkers and one using multiple synchronized, hooked browsers) and cover the implications of this approach, including incident response and forensics considerations.
We hope to see you there.