Hi {{ session.user.profile.firstName }}

Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests

Manage webcast
Rob Havelt, Director of Penetration Testing at Trustwave SpiderLabs
True Stories of Real Pen Tests - Featuring demos of complex hacks and how business systems can be used against an organization.

Earth vs. the Giant Spider: Amazingly True Stories of Real Pen-Tests brings the audience the most massive collection of weird, downright freaky, and altogether unlikely hacks ever seen in the wild. Through stories and demonstrations, we will take the audience into a bizarre world where odd business logic flaws get you almost free food (including home shipping), sourcing traffic from port 0 allows ownership of the finances a nation, and security systems are used to hack organizations.

This talk will focus on:
•Complex hacks found in real environments
•Showing effective attacks not found with automated methods
•Types of victim organizations and data accessed

By the end of this presentation we hope to have the audience thinking differently about systems and applications that organizations use every day, and how they may be used against them.
May 22 2012
58 mins
Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests
More from this community:

IT Security

  • Date
  • Rating
  • Views
  • Join cloud security expert Tricia Pattee on August 27 for a quick, cut-to-the-chase analysis on where to get the most bang for your security buck. The interactive, hour-long discussion will include:

    -The five most common security mistakes
    -Top six areas of security spend
    -How to maximize budget – and minimize risk
    -Hidden cloud security costs

    The presentation will include a Q & A to answer your specific questions about security budgeting and cost management.

    Register today.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Identity Access Management is a complex matrix of requirements meant to assure that only the right people have access to your data. This requires the creation of a rules, roles, and a method for preserving information about access rights. In other words, we create 'big data' that then must be mined to find the most risky individuals and risky behaviors. By starting with a risk-based approach, finding those behaviors and individuals is easier. Explore with us as we examine how risk values can be assigned as you build the database so that analyzing and reporting become easier.
  • Cloud Access Security Brokers (CASBs) are one of the hottest new security technologies on the market. Recommended by Gartner, they provide visibility and control in a new IT world now based in public cloud applications and corporate data being accessed by employee BYOD devices.
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency
  • As mitigating third party risk becomes an essential business function across many industries, business relationships will be tested. Organizations must now subscribe to a “trust, but verify” philosophy to ensure their third parties are secure. To verify vendor security, organizations now use BitSight Security Ratings, which are gathered externally and don’t rely on any vendor input.

    On August 27 at 1:00 pm EST join Debbie Umbach, Director of Product Marketing at BitSight as she discusses the best practices for implementing vendor security ratings. Viewers will learn:

    - different approaches for incorporating BitSight Security Ratings into vendor risk management (VRM) programs, whether your program is just getting started or is well underway
    - how companies have used BitSight Security Ratings to notify key vendors of security incidents
    - how vendor ratings can allow for more effective communication and thus greater transparency

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Earth vs. The Giant Spider: Amazingly True Stories of Real Penetration Tests
  • Live at: May 22 2012 4:00 pm
  • Presented by: Rob Havelt, Director of Penetration Testing at Trustwave SpiderLabs
  • From:
Your email has been sent.
or close
You must be logged in to email this