AppSecEU08 Beyond Google Hacking

Title: Web Application Security and Search Engines - Beyond Google Hacking

Google Hacking is an acknowledged threat to web applications and sensitive data including credit card numbers, social security numbers and other types of private information. However, hackers now exploit powerful search engines in new ways beyond Google Hacking. This presentation will dig into some of the less known aspects of web application security related to search engines in general and Google in particular. Presenation will discuss the usage of search engines as malware distribution platforms, a tool for taking a comercial competitor down and more.

About the speaker: Amichai Shulman is co-founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Mr. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Mr. Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Mr. Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Mr. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology