This site is archived.

Web Application Canonicalization, Encoding and Transcoding Attacks

AmandaGiovanni's picture
Submitted by AmandaGiovanni on Mon, 08/25/2008 - 17:42.
Session time: 
08/29/2008 - 09:00 - 08/29/2008 - 10:30
Conference booklet summary and bio
Article for conference booklet: 
This is *very* technical presentation meant for advanced developers and coders. It will cover many PHP and popular PHP-framework exploits, some which work on improperly implemented Drupal. Real life examples and remediation techniques will be discussed with our panel of expert.

Amanda Giovanni, Director of Enterprise Risk Management of CommonPlaces, Erich Breyrent, VP of Engineering of CommonPlaces, Matthew Nash, Cyber Security Consultant of Katalyst Strategies, and Arian Evans of Whitehat, will present findings from the third quarter 2008 Web Application Security Statistics Report.

Based on real-world data from thousands of Web application assessments, The presentation will provide a look at the top vulnerabilities that attackers are exploiting to steal corporate and customer data from public and intranet websites.