From ZERO To HERO In Web Security Research by Roman Zaikin at DEF CON 29

  • From ZERO To HERO In Web Security Research by Roman Zaikin at DEF CON 29

    From ZERO To HERO In Web Security Research
    Roman Zaikin at DEF CON 29



    Prerequisites for students?:
    Basic Web Concepts, Basic Web Development Skills, Ability to Understand JavaScript.

    Materials or Equipment students will need to bring to participate?:
    Personal Laptop

    What level of skill is required for your targeted audience (Beginner/Intermediate/Advanced)?:
    Beginner - Intermediate

    ABSTRACT:

    Web applications play a vital role in every modern organization. If your organization does not properly test and secure its web apps, adversaries can compromise these applications, damage business functionality, and steal data. Unfortunately, many organizations operate under the mistaken impression that a web application security scanner will reliably discover flaws in their systems.

    Customers expect web applications to provide significant functionality and data access. Even beyond the importance of customer-facing web applications, internal web applications increasingly represent the most commonly used business tools within any organization. Unfortunately, there is no "patch Tuesday" for custom web applications, so major industry studies find that web application flaws play a major role in significant breaches and intrusions.

    In this course we will teach you how to find vulnerabilities in web security according to the latest methods and techniques. We will demonstrate every vulnerability by giving an example from vulnerabilities we have found in major tech companies like: Facebook, WhatsApp, Telegram, eBay, AliExpress, Snapchat, DJI, LG and more!

    Trainer Bio(s):
    Yaara Shriki is an experienced security researcher at Check Point. She is an IDF technological unit graduate with experience in penetration testing, vulnerability research and forensics. Outside of work, Yaara volunteers to promote women and girls in tech.

    Roman Zaikin is a Security Expert at Check Point Software Technologies. His research has revealed significant flaws in popular services, and major vendors (Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft and more). He has over 10 years of experience in the field of cyber security research. He spoke at various leading conferences worldwide and taught more than 1000 students; he is also responsible for the design and the material of various cyber courses worldwide. He holds more than 15 certifications and has extensive experience with system administration, network architecture, software development, penetration testing and reverse engineering. He has outstanding self-taught skills, with the ability to develop and think outside the box. He loves technology and wants to know exactly how things work behind the scenes at the lowest level of the bits and the bytes. He has an innate curiosity about how software can be broken down or bypassed so you can do things with it that weren't intended to be done.

    Dikla Barda is a Security Expert at Check Point Software Technologies. Her research has revealed significant flaws in popular services, and major vendors like: Facebook, WhatsApp, Telegram, eBay, AliExpress, LG, DJI, Microsoft, TikTok and more. She has over 15 years of experience in the field of cyber security research. She spoke at various leading conferences worldwide.
    Last edited by Dark Tangent; 6 days ago. Reason: Removed outline, it might change before the workshop
    PGP key: dtangent@defcon.org valid 2020 Jan 15, to 2024 Jan 01 Fingerprint: BC5B CD9A C609 1B6B CD81 9636 D7C6 E96C FE66 156A

  • #2
    How is registration for workshops being done?

    • #3
      DT provided an answer in another thread where someone asked about workshops:
      https://forum.defcon.org/node/237326#post237469

      Originally posted by Dark Tangent
      It will happen on site during DEF CON 29, and signups will happen in mid July on-line. Good luck!
      6: "Who is Number1?"
      2: "You are number6"
      6: "I am not a number!..."
