The Web Hacking Incident Database (WHID) Report - Revision history

Mark.bristow at 17:12, 1 October 2010

2010-10-01T17:12:47Z

Dallendoug: added link header

2010-09-21T05:07:10Z

added link header

Mark.bristow at 19:11, 19 September 2010

2010-09-19T19:11:56Z

Mark.bristow: Created page with '== The presentation == rightThe web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a…'

2010-09-17T15:44:03Z

Created page with '== The presentation == rightThe web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a…'

New page

== The presentation ==

[[Image:Owasp_logo_normal.jpg|right]]The web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a list of web applications related security incidents. WHID goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web applications security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from 2010 thus far and provide insight into categories such as:
# Top Attack Methods
# Top Compromise Outcomes
# Top Target Geographic Region
# Top Vertical Markets Hit.

The presenter will also provide some in-depth analysis for specific WHID entries.

== The speaker ==

Speaker bio will be posted shortly.

[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]

← Older revision		Revision as of 05:07, 21 September 2010
Line 1:		Line 1:
		+	[[Image:468x60-banner-2010.gif\|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
		+
		+	[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] \| [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] \| [http://www.dcconvention.com/ Walter E. Washington Convention Center]
		+	<br>
	== The presentation ==		== The presentation ==

← Older revision		Revision as of 19:11, 19 September 2010
Line 13:		Line 13:
	Speaker bio will be posted shortly.		Speaker bio will be posted shortly.

−	[[Category:~~AppSec_DC_2010_Presentations~~]] [[Category:OWASP_Conference_Presentations]]	+	[[Category:AppSec_DC_2010_Turbo_Talks]] [[Category:OWASP_Conference_Presentations]]

@@ Line 5: / Line 5: @@
 == The presentation  ==
-[[Image:Owasp_logo_normal.jpg|right]]The web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a list of web applications related security incidents. WHID goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web applications security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from 2010 thus far and provide insight into categories such as:
+[[Image:Ryan_Barnett-headshot.jpg|right]]The web hacking incident database (WHID) is a Web Application Security Consortium project dedicated to maintaining a list of web applications related security incidents. WHID goal is to serve as a tool for raising awareness of the web application security problem and provide information for statistical analysis of web applications security incidents. The database is unique in tracking only media reported security incidents that can be associated with a web application security vulnerability. This presentation will highlight the statistics gathered from 2010 thus far and provide insight into categories such as:
 # Top Attack Methods
 # Top Compromise Outcomes
@@ Line 13: / Line 13: @@
 The presenter will also provide some in-depth analysis for specific WHID entries.
-== The speaker  ==
+== Ryan Barnett ==
-Speaker bio will be posted shortly.
+Ryan C. Barnett is a senior security researcher on Trustwave's SpiderLabs Team. He is a SANS Institute certified instructor and a member of both the Top 20 Vulnerabilities and CWE/SANS Top 25 Most Dangerous Programming Errors teams. In addition to working with SANS, he is also a WASC Member where he leads the Web Hacking Incidents Database (WHID) and Distributed Open Proxy Honeypots Projects and is also the OWASP ModSecurity Core Rule Set (CRS) project leader. Mr. Barnett has also authored a Web security book for Addison/Wesley Publishing entitled Preventing Web Attacks with Apache. .
 [[Category:AppSec_DC_2010_Turbo_Talks]] [[Category:OWASP_Conference_Presentations]]