Defense Against the Dark Arts: ESAPI
The internet is a virtual playground for all kinds of bullies, those in it just for the "lulz" to those in it for the cold hard cash. This workshop will demonstrate how you can use ESAPI to protect your application from attacks that could lead to serious breaches from attackers ranging from script kiddies to the advanced persistent threat by examining high profile attacks and the defenses against them. Using examples such as the recent Sony and Citibank breaches we will examine how you can protect your app from the same type of attacks and also how you can leverage the components in ESAPI to detect the threat and react to it before it becomes a breach.
Presenters
Chris has over 15 years experience in the Information Technology field in both hardware and software. He currently works for Aspect Security as an Application Security Engineer and Sr. Software Engineer. He also volunteers a great deal of time to the Open Web Application Security Program (501c3) as an active leader. He leads the Enterprise Security API project, serves on the Global Projects Committee, helps run the Denver Chapter of OWASP, and attends worldwide OWASP events as a speaker. He has spoken at several OWASP events across the US, presented at Blackhat and Rocky Mountain Software Symposium's UberConf on writing secure software and using the Enterprise Security API. In his spare time he enjoys writing and recording music for his nerdcore project "KrnlPanic", having nerf wars with his 2 sons, and working on or driving his car. He is an avid gamer and movie lover and enjoys cold beer and long walks on the beach.
We will be presenting Esapi on Sunday the 13th @ 5pm @ the Radisson Twon Lake Ballroom.
Link: http://schedule.sxsw.com/2012/events/event_IAP9143
Defense Against the Dark Arts: ESAPI
#sxsw #ESAPI
The internet is a virtual playground for all kinds of bullies, those in it just for the "lulz" to those in it for the cold hard cash. This workshop will demonstrate how you can use ESAPI to protect your application from attacks that could lead to serious breaches from attackers ranging from script kiddies to the advanced persistent threat by examining high profile attacks and the defenses against them. Using examples such as the recent Sony and Citibank breaches we will examine how you can protect your app from the same type of attacks and also how you can leverage the components in ESAPI to detect the threat and react to it before it becomes a breach.