Web Application Security Ny Cyber Sec Conf

•

3 gefällt mir•483 views

Aung Khant

Technologie

If You Don’t Get Web Application
Security Right, I Hope You’re
Good at Incident Response...

11th Annual New York State Cyber Security Conference
June 5, 2008

Brian Reilly
CSAC IRT Manager, NYS CSCIC
Symantec Professional Services

Introductions
• About Me
– Incident Response, Intrusion Detection, and Security
Operations at NYS CSCIC
• http://www.cscic.state.ny.us
– Symantec Vulnerability Research
• http://www.symantec.com/research

• You?
– IT Security
– Application Developers
– Systems and Network Engineering
– Managers, Process Owners, Project Managers

Web Application Security Ny Cyber Sec Conf

Empfohlen

How to emrace risk-based Security management in a compliance-driven cultureShahid Shah

Data Center Security ChallengesCisco Security

Containing the outbreak: The healthcare security pandemicAvecto

A Hacker's perspective on ransomwareAvecto

Enterprise Strategy Group: Security SurveyCisco Security

Cyber security report 2017 cisco 2017 acr_pdfMitch Cardoza, SPHR, Workforce Solutions Exec.

2015 Microsoft Vulnerabilities Report Avecto

Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Cristian Garcia G.

Empfohlen

How to emrace risk-based Security management in a compliance-driven cultureShahid Shah

Data Center Security ChallengesCisco Security

Containing the outbreak: The healthcare security pandemicAvecto

A Hacker's perspective on ransomwareAvecto

Enterprise Strategy Group: Security SurveyCisco Security

Cyber security report 2017 cisco 2017 acr_pdfMitch Cardoza, SPHR, Workforce Solutions Exec.

2015 Microsoft Vulnerabilities Report Avecto

Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Cristian Garcia G.

Cylance Protect-Next-Generation Antivirus-OverviewInnovation Network Technologies: InNet

How to Rapidly Identify Assets at Risk to WannaCry RansomwareQualys

Webinar: "How to invest efficiently in cybersecurity (Return on Security Inv...Berezha Security Group

Cylance Information Security: Compromise Assessment DatasheetInnovation Network Technologies: InNet

Webinar | Cybersecurity vulnerabilities of your business - Berezha Security G...Berezha Security Group

Information security SMBS need it, MSPS can provide itGlobizzcon

Third-party Remote Support Threats InforgraphicSecureLink, Inc.

What is Security Orchestration?Siemplify

Healthcare Cybersecurity Survey 2018 - SiriusSirius

Sikkerhed & Compliance i en cloud-verdenMicrosoft

Palestra Filipi Pires - Ransomware – Existe proteção para isso?BHack Conference

Cyber Security Challenges: how are we facing them?Community Protection Forum

The Cost of Inactivity: Malware InfographicCisco Security

Application Security and the OWASP Top 10Diarmaid McGowan

Cyber Ethics: Cyber Security Services | VAPT and WAPTSaeelRelekar

Building a Next-Generation Security Operations Center (SOC)Sqrrl

Online Security Breach Compromises 77 Million Client Accountscorelink11

Uncover security incidents with ESET Enterprise InspectorAdi Saputra

To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?NetEnrich, Inc.

10 Steps to Better Security Incident DetectionTripwire

Bspence, head trauma. sgpbspence

A Dilution of Democracy: Prison-Based Gerrymanderingcoryhelene

Weitere ähnliche Inhalte

Was ist angesagt?

Cylance Protect-Next-Generation Antivirus-OverviewInnovation Network Technologies: InNet

How to Rapidly Identify Assets at Risk to WannaCry RansomwareQualys

Webinar: "How to invest efficiently in cybersecurity (Return on Security Inv...Berezha Security Group

Cylance Information Security: Compromise Assessment DatasheetInnovation Network Technologies: InNet

Webinar | Cybersecurity vulnerabilities of your business - Berezha Security G...Berezha Security Group

Information security SMBS need it, MSPS can provide itGlobizzcon

Third-party Remote Support Threats InforgraphicSecureLink, Inc.

What is Security Orchestration?Siemplify

Healthcare Cybersecurity Survey 2018 - SiriusSirius

Sikkerhed & Compliance i en cloud-verdenMicrosoft

Palestra Filipi Pires - Ransomware – Existe proteção para isso?BHack Conference

Cyber Security Challenges: how are we facing them?Community Protection Forum

The Cost of Inactivity: Malware InfographicCisco Security

Application Security and the OWASP Top 10Diarmaid McGowan

Cyber Ethics: Cyber Security Services | VAPT and WAPTSaeelRelekar

Building a Next-Generation Security Operations Center (SOC)Sqrrl

Online Security Breach Compromises 77 Million Client Accountscorelink11

Uncover security incidents with ESET Enterprise InspectorAdi Saputra

To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?NetEnrich, Inc.

10 Steps to Better Security Incident DetectionTripwire

Was ist angesagt? (20)

Cylance Protect-Next-Generation Antivirus-Overview

How to Rapidly Identify Assets at Risk to WannaCry Ransomware

Webinar: "How to invest efficiently in cybersecurity (Return on Security Inv...

Cylance Information Security: Compromise Assessment Datasheet

Webinar | Cybersecurity vulnerabilities of your business - Berezha Security G...

Information security SMBS need it, MSPS can provide it

Third-party Remote Support Threats Inforgraphic

What is Security Orchestration?

Healthcare Cybersecurity Survey 2018 - Sirius

Sikkerhed & Compliance i en cloud-verden

Palestra Filipi Pires - Ransomware – Existe proteção para isso?

Cyber Security Challenges: how are we facing them?

The Cost of Inactivity: Malware Infographic

Application Security and the OWASP Top 10

Cyber Ethics: Cyber Security Services | VAPT and WAPT

Building a Next-Generation Security Operations Center (SOC)

Online Security Breach Compromises 77 Million Client Accounts

Uncover security incidents with ESET Enterprise Inspector

To Build Or Not To Build: Can SOC-aaS Bridge Your Security Skills Gap?

10 Steps to Better Security Incident Detection

Andere mochten auch

Bspence, head trauma. sgpbspence

A Dilution of Democracy: Prison-Based Gerrymanderingcoryhelene

Schema Design (Mongo Austin)MongoDB

universal helath services 2003Financialsfinance49

Manage Your Projects Better With ProjectforkKyle Ledbetter

06 goodnessdrkministries

ItrainIEMI - CMH PARIS

9 central europe jts by C. EbermannTRANSROMANICA

Sightseeing: Web 2.0 - TeaserAnja C. Wagner

Andere mochten auch (9)

Bspence, head trauma. sgp

A Dilution of Democracy: Prison-Based Gerrymandering

Schema Design (Mongo Austin)

universal helath services 2003Financials

Manage Your Projects Better With Projectfork

06 goodness

Itrain

9 central europe jts by C. Ebermann

Sightseeing: Web 2.0 - Teaser

Ähnlich wie Web Application Security Ny Cyber Sec Conf

Discovering the Value of Verifying Web Application Security Using IBM Rationa...Alan Kan

Security testing for web developersmatthewhughes

Allianz Global CISO october-2015-draftEoin Keary

Essentials of Web Application Security: what it is, why it matters and how to...Cenzic

The Thing That Should Not Bemorisson

Application security enterprise strategiesNetwork Intelligence India

EISA Considerations for Web Application SecurityLarry Ball

10 Common Web Application Security Vulnerabilities and How to Prevent ThemSattrix Information Security

Top Application Security Trends of 2012DaveEdwards12

24 031030davidtillemanssecuresdlcpub-110325054740-phpapp02Smals

Get Ready for Web Application Security TestingAlan Kan

Cyber security considerations for Small and Medium Businessesebusinessmantra

Why security is the kidney not the tail of the dog v3Ernest Staats

Why do women love chasing down bad guys? SITA

Implementing a comprehensive application security progaram - Tawfiq OWASP-Qatar Chapter

We cant hack ourselves secureEoin Keary

Cross site scripting (xss) attacks issues and defense - by sandeep kumbharSandeep Kumbhar

Information Security: We are all InfoSec (updated for 2018)Michael Swinarski

DTS Solution - Building a SOC (Security Operations Center)Shah Sheikh

Dhishant -Latest ResumeDhishant Abrol

Ähnlich wie Web Application Security Ny Cyber Sec Conf (20)

Discovering the Value of Verifying Web Application Security Using IBM Rationa...

Security testing for web developers

Allianz Global CISO october-2015-draft

Essentials of Web Application Security: what it is, why it matters and how to...

The Thing That Should Not Be

Application security enterprise strategies

EISA Considerations for Web Application Security

10 Common Web Application Security Vulnerabilities and How to Prevent Them

Top Application Security Trends of 2012

24 031030davidtillemanssecuresdlcpub-110325054740-phpapp02

Get Ready for Web Application Security Testing

Cyber security considerations for Small and Medium Businesses

Why security is the kidney not the tail of the dog v3

Why do women love chasing down bad guys?

Implementing a comprehensive application security progaram - Tawfiq

We cant hack ourselves secure

Cross site scripting (xss) attacks issues and defense - by sandeep kumbhar

Information Security: We are all InfoSec (updated for 2018)

DTS Solution - Building a SOC (Security Operations Center)

Dhishant -Latest Resume

Mehr von Aung Khant

Introducing MsdAung Khant

Securing Php AppAung Khant

Securing Web Server IbmAung Khant

Security Design PatternsAung Khant

Security Code ReviewAung Khant

Security Engineering ExecutiveAung Khant

Security Engineeringwith PatternsAung Khant

Security Web ServersAung Khant

Security Testing Web AppAung Khant

Session FixationAung Khant

Sql Injection PaperAung Khant

Sql Injection Adv OwaspAung Khant

Php Security IissuesAung Khant

Sql Injection White PaperAung Khant

S Shah Web20Aung Khant

S Vector4 Web App Sec ManagementAung Khant

Php Security Value1Aung Khant

Privilege EscalationAung Khant

Php Security WorkshopAung Khant

Preventing Xs Sin Perl ApacheAung Khant

Mehr von Aung Khant (20)

Introducing Msd

Securing Php App

Securing Web Server Ibm

Security Design Patterns

Security Code Review

Security Engineering Executive

Security Engineeringwith Patterns

Security Web Servers

Security Testing Web App

Session Fixation

Sql Injection Paper

Sql Injection Adv Owasp

Php Security Iissues

Sql Injection White Paper

S Shah Web20

S Vector4 Web App Sec Management

Php Security Value1

Privilege Escalation

Php Security Workshop

Preventing Xs Sin Perl Apache

Kürzlich hochgeladen

TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey

Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity

Take control of your SAP testing with UiPath Test SuiteDianaGray10

Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed

DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy

Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation

unit 4 immunoblotting technique complete.pptxBkGupta21

From Family Reminiscence to Scholarly Archive .Alan Dix

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada

Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB

DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell

What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett

A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3

Commit 2024 - Secret Management made easyAlfredo García Lavilla

How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe

How to write a Business Continuity PlanDatabarracks

"ML in Production",Oleksandr BaganFwdays

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays

What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina

Kürzlich hochgeladen (20)

TeamStation AI System Report LATAM IT Salaries 2024

Dev Dives: Streamline document processing with UiPath Studio Web

Take control of your SAP testing with UiPath Test Suite

Scanning the Internet for External Cloud Exposures via SSL Certs

DevoxxFR 2024 Reproducible Builds with Apache Maven

Connect Wave/ connectwave Pitch Deck Presentation

unit 4 immunoblotting technique complete.pptx

From Family Reminiscence to Scholarly Archive .

The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx

New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024

Developer Data Modeling Mistakes: From Postgres to NoSQL

DSPy a system for AI to Write Prompts and Do Fine Tuning

What's New in Teams Calling, Meetings and Devices March 2024

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx

Commit 2024 - Secret Management made easy

How AI, OpenAI, and ChatGPT impact business and software.

How to write a Business Continuity Plan

"ML in Production",Oleksandr Bagan

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack

What is DBT - The Ultimate Data Build Tool.pdf

Web Application Security Ny Cyber Sec Conf

1. If You Don’t Get Web Application Security Right, I Hope You’re Good at Incident Response... 11th Annual New York State Cyber Security Conference June 5, 2008 Brian Reilly CSAC IRT Manager, NYS CSCIC Symantec Professional Services

2. Introductions • About Me – Incident Response, Intrusion Detection, and Security Operations at NYS CSCIC • http://www.cscic.state.ny.us – Symantec Vulnerability Research • http://www.symantec.com/research • You? – IT Security – Application Developers – Systems and Network Engineering – Managers, Process Owners, Project Managers