DotNet Columbia SC User Group banner



Links

DotNet Columbia SC

Sponsors

DotNetColumbiaSC
    online discussion group

Calendar of Events

Meeting Location

Map

Contact Us


DotNet Columbia SC is an INETA Member group

March 2005 Meeting Announcement


Meeting Details

Thursday, March 3, 2005

Dennis Hurst, Senior Consulting Engineer at S.P.I. Dynamics Incorporated will present

Live Hacking Demo: Top Web App Attack Methods and How to Combat Them.

It's been estimated that three-fourths of today's successful system hacks are perpetrated not via network security flaws, but by entering directly through the "front door" - exploiting vulnerabilities in customer-facing web applications.

Is *your* front door wide open?  Join us and find out.  This is not for the faint of heart.  If you have a web site out there - it doesn't even have to be a commerce site - you may not sleep well after this meeting... until you have done some of these tests yourself and maybe plugged some holes in your site(s).

As a developer, I will watch this session and others like it until I can repeat it in my sleep.  And any manager responsible for development, security, operation, or maintenance of a website should watch this.  Some big hitters have been subject to these types of attacks...

Pre-register by sending an email to Tore Bostrup stating that you are pre-registering for the event.

Location:
Midlands Technical College - Northeast Campus/Center of Excellence for Technology
The Auditorium
151 Powell Rd.
Columbia, SC 29203

(803) 691-3925

Map http://www.midlandstech.edu/northeastmap-b.htm

Event Date: Thursday, March 3, 2004 

6:00 PM

Registration and Networking

Registration and Networking

Meet and Mingle.  The time before the meeting is a great time for networking with other developers in the area. Have some (free) pizza and refreshments.  Any handouts and pizza will be available on a first come first served basis.

Who - knows - there may be another Code Corner - and maybe it won't be me this time.  However - who knows.  Come to the meeting and find out...

 

 

 

6:45 PM

Announcements

Introductions and Announcements

We announce the results of November's survey, as well as other club business, upcoming events and happenings within the community, and words from our sponsors.

Speaker - Committee & Sponsor

 

 

 

7:00 PM


Spotlight Presentation

Live Hacking Demo: Top Web App Attack Methods and How to Combat Them.

It's been estimated that three-fourths of today's successful system hacks are perpetrated not via network security flaws, but by entering directly through the "front door" - exploiting vulnerabilities in customer-facing web applications. The hacker has evolved. Reality is that web sites and web applications are hacked with frightening ease. By taking advantage of the public access to a company through port 80 and 443 and using it to subvert your applications, hackers can gain easy access into your company's sensitive backend data. Firewalls and IDS will not stop such attacks because hackers using the Web application layer are not seen as intruders. Watch and learn as our top security experts from SPI Dynamics show you how to defend against attacks at the Web application layer with examples covering recent hacking methods such as: SQL Injection, Cross Site Scripting, Parameter Manipulation, and Session Hijacking.

Dennis Hurst, senior consulting engineer for SPI Dynamics, is responsible for working with developers to educate them on the need for Web Application security and practical ways to protect Web Applications from hacking attacks. S.P.I. Dynamics Incorporated, the expert in web application security testing and enterprise security risk management, provides software and services to help organizations protect against the loss of confidential data across the enterprise. SPI Dynamics’ internal research and development group, SPI Labs, is recognized as the unequivocal authority on web application security with security experts who have received worldwide recognition for the identification of security vulnerabilities and exploits.

With more than 15 years experience in the Information Systems/Application Development industry, he is an expert in system design, implementation and maintenance of complex multi-vendor, multi-platform computer applications and networks. He has extensive experience in planning developing and enhancing Internet systems as well as integrating Internet systems with legacy systems.  For the past three years he has focused on developing tools to test and secure the HTTP protocol.

Dennis is a Microsoft Certified Solution Developer (MSCD in Visual Basic and SQL Server) and a Certified Novell Engineer (CNE) for version 3.x and 4.x. Furthermore, he has published articles and developed classes on the secure application development process.  Dennis has spoken on the topic of secure coding practices at Software Development West 2004, Better Software 2004, WebSec 2003 and various user group chapter meetings. He has been published in asp.net PRO and on 15 Seconds



Speaker – Dennis Hurst

 

 

 

About 8:00 PM

Raffle and Conclusion

Raffle

Door prizes - check out this month's goodies...  Must be present to win.

Speaker - Committee

After the meeting we encourage a social gathering at Sticky Fingers on Two Notch Road at the corner of Parklane.

 

 

 

Meeting Site

http://www.midlandstech.edu/northeastmap-b.htm.

Signing up for mailing list or membership

If you are receiving a forwarded copy of this announcement and would like to be on the mailing list, please email us with your name, email address, and company name.

Membership is free at this time. However, you have to sign up in order to receive information about events, etc.  If you would like to join, sign up will be available on our website coming soon. More details about the user group and membership benefits will be available on the forthcoming web site. If you have additional questions, please contact us.

Meetings are open to the public.


Microsoft

MTC logoMTC logo

DP Professionals, Inc.DP Professionals, Inc.

Modis


This site hosted by:
SecureWebs