I will be speaking at the OWASP Application Security Summit on Thursday, July 23rd at Stanford University. The topic is Mastering Session Management.
Almost everyone is aware of Cross site Scripting and SQL Injection vulnerabilities and their impact. Every web application implements session management techniques to maintain context, but application developers do not pay a lot of attention to session management because they are usually managed by the application server. Attacks against sessions can result in serious compromises and this presentation will cover some of the most common session management techniques and the attacks that can be launched against sessions. It will also discuss some of the techniques developers can use to protect against session attacks.
1:00 PM – 1:30 PM … Check-in, registration, networking
1:30 PM – 1:45 PM … Welcome Remarks and Overview of OWASP- Mandeep Khera, Bay Area Chapter Leader
1:45 PM – 2:30 PM … Development Issues Within AJAX Applications – Lars Ewe, CTO, Cenzic
2:30 PM – 3:30 PM … Building a Corp App Security Assessment Program-Rob Jerdonek, Info Security Analyst,Intuit
3:30 PM – 4:00 PM … Networking Break, refreshments
4:00 PM – 5:00 PM … Mastering Session Management – Siva Ram, Lead Security Consultant, AppSec Consulting
5:00 PM – 6:00 PM … From Rivals to BFF: WAF and VA Unite – Brian Contos, Chief Security Strategist, Imperva
6:00 PM – 8:00 PM … Networking Reception – Food and Drinks!!
For more information about the event and to register, please go to the event notice.