Webapplication security audits
Hans de Raad
SEVERAL TALKS FOR OSC 15 ARE REGISTERED IN MY NAME, BUT NOT DONE BY ME, APOLOGIES FOR THE INCONVENIENCE.
Independant consultant, open-source enthousiast (openSUSE, Drupal, Kolab, etc). Also a big classical music lover (business manager of the Bachkoor Holland). One of my companies basic phylosophies is, if opensource provides you with a stable revenue (thank you, 10x), you should do something in return. Therefor, i am sponsoring this fantastic conference!
No video of the event yet, sorry!
When developing and deploying web applications, the final result is a collection of software all carefully combined to offer a coherent platform.
This platform however consists of several loosely coupled items which can, on various levels, offer possibilities of manipulating the deployment.
This session offers an analysis of these items and offers some insight in the possible attack vectors these might offer.
Focus is not on actually hacking the components but on hardening them, by putting prevention measures (like mod_security) in place.
This presentation is derived from a standard auditprocedure which the author follows on a regular basis.
- 2013 July 22 11:00
- 2 h
- openSUSE Conference