Home / Series / BSides Las Vegas / Aired Order / Season 2012 / Episode 3

Max Level Web App Security

I'm going to cover the topic of web application security from the worlds biggest "honeypot": 1.2+ million domains and one web application firewall. I will review the trends in new and old attacks, review how impact each new vulnerability was this year (including timthumb.html, php-cgi remote code execution, and more) with raw log data and identify really what is fueling the web based attacks. Once the rhetoric of "vulnerabilities are bad" is over, I will discuss some in house developed tools used to detect malicious files on compromised sites (software released). As well as delve into the evolution and in Darwinian fashion dissection of the backdoors and code the attackers use to compromise sites (including more open source software released to de-obfuscate even the most complex malicious code.)

English
  • Originally Aired July 25, 2012
  • Created July 4, 2019 by
    Administrator admin
  • Modified July 4, 2019 by
    Administrator admin
Name Type Role
Robert Rowley Guest Star