Hi [[ session.user.profile.firstName ]]

Hack the Attack: Web App Defense Crash Course

Participate in this comprehensive; one-hour Crash Course webinar to get an in-depth understanding of the most common vulnerabilities targeted by hackers and critical defense tactics necessary to safeguard your apps from being exploited.

Topics Covered

- Preparing for an attack: Information Leakage / Fingerprinting, Insufficient Transport Layer Protection

- Abusing a user’s trust for a site: Cross Site Scripting, Content Spoofing

- Abusing an applications trust for its users and its own browsers: Cross Site Request Forgery

WhiteHat Security is the pioneer in application and web site security, and a security expert from our Threat Research Center (TRC) will lead this course.
Recorded Apr 14 2016 58 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Kimberly Chung
Presentation preview: Hack the Attack: Web App Defense Crash Course

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Latest in Compliance: PCI DSS 3.2 Decoded Dec 13 2016 6:00 pm UTC 60 mins
    Asma Zubair, WhiteHat Security; Ruchika Mishra, WhiteHat Security
    If your organization deals with credit card information, you must take steps to protect the information. Organizations that suffer a breach and have not taken steps to ensure compliance can be penalized, and in some cases may even be prohibited from working with specific payment brands. PCI DSS regulations offer best practices and methodologies for compliance. This webinar lays it all out for you and makes it easy to understand what you need to do.
  • Reducing Risks by Mitigating Vulnerabilities Recorded: Nov 16 2016 50 mins
    Craig Hinkley, WhiteHat Security; Preston Hogue, F5 Networks
    Build an Active Application Defense System
    Web applications accounted for an astounding 40% of last year’s security breaches. The challenges of securing legacy systems, third-party apps, and the extensive shadow IT landscape can be challenging, to put it mildly.

    But here’s the good news: The combined F5 and WhiteHat Security approach to web application security represents a powerful new way for organizations to defend against application-level attacks.

    Companies are constantly developing new applications, and it’s expensive to stop and patch as soon as a new vulnerability is found. Additionally, it may not be practical to remediate every finding due to issues with legacy code, third-party integrations, or other inherited limitations.

    But the integration of F5 Networks and WhiteHat Security technology helps you more quickly identify and remediate vulnerabilities in your web applications. By automating updates to the web application firewall, you can ease the burden of management and reduce costs, while ensuring that your security posture remains strong.
  • Software Security Resurgent: Preventing the Unthinkable Recorded: Oct 11 2016 55 mins
    Scott Crawford, 451 Research; Demetrios (Laz) Lazarikos vArmour; Mike Goldgof, WhiteHat Security
    Think you understand software security? Think again. If you thought the growth of mobile was explosive, wait until you wade into the brave new world of IoT endpoints, where the security of the software running everything from industries, utilities and transportation to your own home will be the front line of defense.

    Join us as 451’s Scott Crawford, vArmour's CISO Demetrios (Laz) Lazarikos, and WhiteHat Security’s Mike Goldgof discuss the new dynamics shaping software security, and the advantages of integrating security throughout the Software Development Life Cycle (SDLC). You’ll learn:

    · How software security takes on today’s threat landscape

    · What the evolution of DevOps and Continuous Integration mean for security

    · Software security’s pivotal role in securing the emerging universe of IoT

    · The benefits of security throughout the SDLC (in both dollars and productivity) from secure source to operations, and what to look for in shaping an enterprise strategy
  • Defeating Cybercrime: Continuous Application Security for Financial Services Recorded: Sep 15 2016 55 mins
    Bill Fearnley, Research Director, IDC Research Inc., Mike Goldgof, Vice President, Product Marketing, WhiteHat Security
    In this session, we discuss cybercrime trends in financial services, and how a continuous application security assessment program can help financial service organizations improve their security posture and mitigate risk.
  • Thwarting Cybercrime in Healthcare with Continuous AppSec Testing Recorded: Aug 17 2016 55 mins
    Lynne Dunbrack, IDC Health Insights; Michael Goldgof, WhiteHat Security
    Healthcare organizations are increasingly vulnerable to devastating cybercrime attacks on a daily basis. Web applications in healthcare are particularly exposed to such attacks. This webcast will explore how continuous application security assessment-as-a-service which combines machine and human intelligence can help healthcare organizations improve their security and risk posture.

    Please join us as IDC’s Lynne Dunbrack and WhiteHat Security’s Mike Goldgof discuss the role of application security in healthcare. You will learn:

    - Today’s cyberthreat landscape in the healthcare industry
    - Relevant security regulations for healthcare: HIPAA, Breach Notification IFR, HITECH Act, and more
    - Vulnerability statistics for healthcare organizations
    - How continuous application security testing can help your security and risk posture
  • WhiteHat Security's 2016 Web Applications Security Stats Report Explained Recorded: Jul 19 2016 50 mins
    Ryan O'Leary, VP Threat Research Center & Technical Support, and Tamir Hardof, CMO, WhiteHat Security
    In this insightful and data-rich one-hour webinar Ryan O'Leary, Vice President of WhiteHat Security's Threat Research Center and Technical Support, and Tamir Hardof, Chief Marketing Officer, will present findings from our 2016 Web Applications Security Statistics Report.

    The Report, compiled using data collected from tens of thousands of websites, reveals that on average the majority of web applications exhibit two or more serious vulnerabilities per application for every industry at any given point in time. We will provide unique perspectives on the state of website security. Data by industry will be presented and accompanied by expert analysis and recommendations.


    Why Attend

    - Learn which industries declined, improved, or greatly improved their remediation rates
    - Learn how many vulnerabilities are typically remediated and the average time to resolve
    - Learn why knowing your risk rating can help you prioritize which vulns to fix first
    - Discover the 3 most common web application vulnerabilities
  • Top 10 Web Hacking Techniques of 2015 Recorded: Jun 15 2016 41 mins
    Johnathan Kuskos
    The Top 10 Web Hacks Webinar, now in its tenth year, represents exhaustive research conducted by a panel of experienced security industry professionals. Johnathan Kuskos, TRC Manager for WhiteHat Security will discuss the latest and most insidious web-based attacks of the year.

    In this webinar, you will learn:
    - The top web hacks, ranked by your peers and a panel of industry experts
    - How to protect your organization against these attacks
    - Industry wide research on new advanced attack techniques
  • 15 Years of Web Security: The Rebellious Teenage Years Recorded: May 18 2016 52 mins
    Ryan O'Leary, VP Threat Research Center, WhiteHat Security
    Fifteen years ago, WhiteHat Security was founded to help secure the web by enabling organizations to find and fix application vulnerabilities before the bad guys could exploit them. With the knowledge and perspective that comes from being an application security leader, Ryan O'Leary, VP of WhiteHat's Threat Research Center, will provide perspectives on:

    - How the types of threat actors have changed and what they now target
    - The intersection of security guarantees and cyber-insurance
    - Easing the burden of vulnerability remediation
    - Measuring the impact of SDLC security controls
    - Addressing the application security skill shortage
  • Hack the Attack: Web App Defense Crash Course Recorded: Apr 14 2016 58 mins
    Kimberly Chung
    Participate in this comprehensive; one-hour Crash Course webinar to get an in-depth understanding of the most common vulnerabilities targeted by hackers and critical defense tactics necessary to safeguard your apps from being exploited.

    Topics Covered

    - Preparing for an attack: Information Leakage / Fingerprinting, Insufficient Transport Layer Protection

    - Abusing a user’s trust for a site: Cross Site Scripting, Content Spoofing

    - Abusing an applications trust for its users and its own browsers: Cross Site Request Forgery

    WhiteHat Security is the pioneer in application and web site security, and a security expert from our Threat Research Center (TRC) will lead this course.
  • Vulnerability Discovery: Booking Zero Dollar Travel Via a Site Recorded: Mar 24 2016 19 mins
    Andrew Tieu, Application Security Engineer
    This presentation will demonstrate the value of manual business logic assessments and provide an example of an abuse of functionality vulnerability identified on a travel booking website. The speaker will provide a real life instance that allowed a user to book zero dollar or negative values for reservations for hotel rooms, entertainment, and restaurants. He will also cover best practices on how to protect your website against abuse of functionality vulnerabilities.

    The speaker will cover the business impact of the Abuse of Functionality vulnerability including:

    - How users were being given full control over the amount they paid for events.

    - Resulting event costs

    - How this vulnerability created a significant loss for the business
  • PCI DSS 3.1 Crash Course - Part II Recorded: Feb 17 2016 27 mins
    Asma Zubair, Director Product Management
    The Payment Card Industry Data Security Standard (PCI DSS) is continuously changing to protect user data from exposure. The most recent version, 3.1 will remain active until December 31, 2017. 
    WhiteHat Security recently held a webinar on the top 11 changes in 3.1 that would affect your application security program and the recommended activities to achieve and maintain compliance. There was a great turn out and even better level of engagement. As such, this webinar will be addressing the great questions raised in Part I to provide a deeper understanding of PCI DSS and its requirements.
  • Insufficient Authorization: The Basics Recorded: Jan 21 2016 36 mins
    Austin Brinkman, Application Security Researcher, WhiteHat Security
    Join us as Austin Brinkman of WhiteHat Security's Threat Research Center (TRC) provides an overview of a common and highly exploitable vulnerability that has found its way into the WASC Threat Classification list and OWASP Top 10.

    In the webinar, it will cover:
    - Vertical vs. horizontal privileges
    - How to exploit through cookies and parameters
    - Consequences
    - Prevention methods
  • Crash Course - PCI DSS 3.1 is here. Are you ready? Recorded: Dec 9 2015 57 mins
    Mike Goldgof, Senior Director, Product Marketing; Kyle Summers, Product Manager
    The Payment Card Industry Data Security Standard (PCI DSS) is continuously changing to protect user data from exposure. The most recent version, 3.1 will remain active until December 31, 2017. 

    This presentation discusses the significance of PCI compliance in your business, the top 10 changes in 3.1 that will affect your application security program, and provides recommended activities to achieve compliance.
  • Secure Web Development Bootcamp: SDLC Fundamentals in 60 Minutes Recorded: Nov 12 2015 67 mins
    Jerry Hoff, Security Consultant, WhiteHat Security
    This condensed, one-hour secure development webinar provides you with an instructor-led Secure Web Development Bootcamp training that will help your team better understand how to build secure websites. This session gets participants up-to-speed on the state of application security today by tying together current headlines to secure coding practices and principles. Demonstrations and re-enactments highlight how attackers take advantage of common web vulnerabilities.
  • The Devil Steals Prada: The Cost of Business Logic Flaws Recorded: Oct 15 2015 34 mins
    Jonathan Smith, Application Security Specialist, WhiteHat Security
    This presentation will demonstrate the value of manual business logic assessments and provide an example of a vulnerability that scanners cannot find because the problem isn’t in the code or framework.

    We will provide a real life instance of a business logic flaw at a major high-end clothing retailer. The flaw allowed malicious users to purchase negative amounts of expensive merchandise, and credit thousands of dollars to their accounts.
  • Top 10 Web Hacking Techniques of 2014 Recorded: Sep 23 2015 57 mins
    Matt Johansen, Director of Security Services & Research, WhiteHat and Jonathan Kuskos, Manager TRC Europe Ltd, WhiteHat Secur
    Every year, our adversaries gain more intelligence and the number of attacks on our applications increase. The damage of these attacks are costly to organizations, reaching millions of dollars a year. The Top 10 Web Hacks Webinar, now in its ninth year, represents exhaustive research conducted by a panel of experienced security industry professionals.

    In this webinar, you will learn:
    •The top web hacks, ranked by your peers and a panel of industry experts
    •How to protect your organization against these attacks
    •Industry wide research on new advanced attack techniques
  • Cross-Site Scripting Crash Course Recorded: Aug 18 2015 48 mins
    Kimberly Chung, Training Supervisor, WhiteHat Security
    With attackers gaining traction, we will take a deeper dive into how to defend against cross-site scripting (XSS) attacks. You will learn what the attack looks like and how to defend against them.

    In the webinar, it will cover:

    -HTML tricks for cross-site scripting
    -JavaScript tricks for cross-site scripting
    -Defensive tactics against cross-site scripting
  • 2015 Stats Report Explained, Where Flow Charts Don't Go Recorded: Jul 22 2015 42 mins
    Jeremiah Grossman, Founder WhiteHat Security
    In this insightful and data-rich webinar Jeremiah Grossman, founder of WhiteHat Security, presents findings from WhiteHat's 2015 Website Security Statistics Report.

    The report, generated by examining vulns in more than 30,000 websites under WhiteHat’s Sentinel management, provides unique perspectives on the state of website security. Data by industry will be presented and accompanied by expert analysis and recommendations.

    Why Attend:

    -Discover the most prevalent vulnerabilities

    -Learn how many vulnerabilities are typically remediated and the average time to resolve

    -Hear why the best approach is to identify specific security metrics to improve upon

    -Take away valuable recommendations for measurable improvement within your application security programs
  • Know Your Adversaries: Think like the bad guys Recorded: Jun 18 2015 49 mins
    Matt Johansen, Director of Security Services & Research and Robert Hansen, VP of WhiteHat Labs, Advanced Technology Group
    As our adversaries continue to gain speed and surpass the technologies
    that protect our assets, we must change our mindset to think like the
    bad guys.

    In this webinar, Robert Hansen and Matt Johansen will cover:
    - Ways to counteract new rapid-paced hacking techniques
    - How adversaries are gaining pace with new tools and tactics
    - Why the old mantra of quarterly scanning to detect and patch may not work in the future
  • How Bad Can Zero Days Get? Recorded: May 27 2015 38 mins
    Robert Hansen, VP of WhiteHat Security Labs
    Are you giving the adversary unintended access through vulnerabilities in your system?

    By only having one method of finding vulnerabilities or one way of mitigating them, the chances of the adversary getting through are increasingly high. This webinar will walk you through the current threat landscape, how vulnerabilities can be found, and how to mitigate control.

    In this webinar you'll learn:

    - What types of assessments work at which points in the software development lifecycle.
    - What is the most popular way to deploy a WAF and why that's not a good idea as a single method of defense.
    - Why finding and fixing your vulnerability isn't actually good enough.
WhiteHat
WhiteHat

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Hack the Attack: Web App Defense Crash Course
  • Live at: Apr 14 2016 5:00 pm
  • Presented by: Kimberly Chung
  • From:
Your email has been sent.
or close