This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP AppSec DC 2012/State of Web Security"

From OWASP
Jump to: navigation, search
 
Line 2: Line 2:
 
__NOTOC__
 
__NOTOC__
 
== The Presentation  ==
 
== The Presentation  ==
I will cover the current state of web based attacks as we see them monitored on our network. In total somwhere around 1 million+ domains are attacked and monitored on our network, so the sample of data provided should be acceptably accurate.<br>The data will be provided in the presentation using statistical data of logged attacks against our network and customer's sites (and can be provided to security researchers in a raw formet). This will provide the audience with a knowledge of how severe a new exploit can become once attackers utilize it, as well as details on what types of attacks are popular with malicious parties.<br>If there is time, I think the crowd would also enjoy a detailed dissection of a handful of common backdoors we see on our network (of course choosing the most unique and interesting backdoors we encounter.) This is not to help the audience on how to design backdoors, but instead provides a basic overview of these attacker's knowledge and intent (why the bad guys do the things they do.)<br>This presentation would fit well most any track you have (45 minute, 20 minute turbo talk, or a panel if I can bring in more presenters from other hosting providers/services.) I will tailor the presentation to fit the target audience (more overview of the threat model for management and more technical details for the end users, etc...)
+
I will cover the current state of web based attacks as we see them monitored on our network. In total somwhere around 1 million+ domains are attacked and monitored on our network, so the sample of data provided should be acceptably accurate.<br>The data will be provided in the presentation using statistical data of logged attacks against our network and customer's sites (and can be provided to security researchers in a raw formet). This will provide the audience with a knowledge of how severe a new exploit can become once attackers utilize it, as well as details on what types of attacks are popular with malicious parties.<br>Time allowing, we will discuss a detailed dissection of a handful of common backdoors we see on our network (of course choosing the most unique and interesting backdoors we encounter.) This is not to help the audience on how to design backdoors, but instead provides a basic overview of these attacker's knowledge and intent (why the bad guys do the things they do.)<br>
 
== The Speakers  ==
 
== The Speakers  ==
 
<table>
 
<table>

Latest revision as of 02:40, 23 March 2012

AppSecDC-468x60-banner-2012.jpg

Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

I will cover the current state of web based attacks as we see them monitored on our network. In total somwhere around 1 million+ domains are attacked and monitored on our network, so the sample of data provided should be acceptably accurate.
The data will be provided in the presentation using statistical data of logged attacks against our network and customer's sites (and can be provided to security researchers in a raw formet). This will provide the audience with a knowledge of how severe a new exploit can become once attackers utilize it, as well as details on what types of attacks are popular with malicious parties.
Time allowing, we will discuss a detailed dissection of a handful of common backdoors we see on our network (of course choosing the most unique and interesting backdoors we encounter.) This is not to help the audience on how to design backdoors, but instead provides a basic overview of these attacker's knowledge and intent (why the bad guys do the things they do.)

The Speakers

Robert Rowley

AppSecDC12-rowley.jpg
Robert Rowley is a security extraordinare at a shared and virtual hosting provider for approximately over one million websites and hundreds of thousands of customers. This unique environment requires providing increased security for an extremely broad range of websites and customers, and provides an ample range of attacks which our team addresses every day, and have compiled this information into the working piece being presented at this conference.

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors

SPL-LOGO-MED.png

Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png

Exhibitors

link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg