Thursday March 19th, 2009 3:00 – 5:00 PM at Con Way (2055 NW Savier St. Portland)

02.23.09 - 11:09am

Thursday March 19^th, 2009 3:00 – 5:00 PM at Con Way (2055 NW Savier St. Portland)

Fundamentals of Web Application Penetration Testing

Part of building secure networks and applications is subjecting them to focused testing. In this presentation, security analysts from Anitian Enterprise Security will discuss methods, technologies and tactics in conducting Web Application Penetration testing. Topics covered include: 

·     Recon and analysis

·     Authentication

·     Session management

·     Access Controls

·     Injection Testing

·     Data protection

·     Error handling

·     Application hosting

Biography

Adam Gaydosh, CISSP, CISA, GPEN, GIAC, QSA
Senior Security Analyst
Anitian Enterprise Security

Mr. Gaydosh is a Senior Security Analyst at Anitian where he oversees the IT Audit and Assessment division. Mr. Gaydosh specializes in application layer testing and IT compliance. Prior to working at Anitian, Mr. Gaydosh worked for a large national government contractor. Mr. Gaydosh provided security consulting services to numerous branches of the US Government, including the US Department of Defense. Mr. Gaydosh worked on site with the US Marines and Army securing classified networks, deploying PKI and identity management solutions and conducting rigorous security hardening of server systems. While working at Anitian, Mr. Gaydosh has conducted hundreds of security audits and assessments ranging from small regional financial institutions to large, global corporations. Mr. Gaydosh is currently involved in dozens of high-profile application tests, including conducting security tests on the next generation of elections systems. Mr. Gaydosh has numerous security certifications including the CISSP, CISA and the SANS certifications for security auditing and penetration testing. Mr. Gaydosh is also one of Anitian’s Qualified Security Assessors for PCI-DSS compliance. 

Category: Chapter Meetings | Tags: