When: 5:00 PM Saturday
Where: 1401
Silicon Valley Code Camp: October 11th and 12th 2014 session

I Own Your Web App

Web applications are very often wide-open doors for hackers, including the Code Camp website. I will demonstrate several common vulnerabilities, including: SQL Injection, Cross-Site Request Forgery, Cross-Site Scripting, and Local File Inclusion.

About This Session

Web applications are very often wide-open doors for hackers to exploit, stealing data, defacing websites, and often traversing through a network, owning server after server. The Code Camp website demonstrates several poor security practices, which I will demonstrate. I will also demonstrate several common vulnerabilities, showing how to exploit them and how to patch the vulnerable code, including: SQL Injection, Cross-Site Request Forgery, Cross-Site Scripting, and Local File Inclusion.

I will provide live demonstration apps and code on my website for everyone to use freely. Nothing here is new, and the most important information is more than ten years old. However, this information is missing from many programming classes and textbooks, and new Web apps are still repeating the mistakes of the past. I hope to inspire more coders to consider security earlier in the development process.


The Speaker(s)


Sam Bowne

Instructor, Computer Networking and Information Technology, City College San Francisco

Sam Bowne has been teaching computer networking and security classes at CCSF since 2000. He has given talks at CodeCamp, DEFCON, BayThreat, LayerOne, and Toorcon, and taught classes and seminars at many other schools and teaching conferences. He has a Ph.D. and a CISSP and a lot of other certifications, and a lot of computers and cables and firewalls and stuff.