Web AppSec: Professional Hacking Methods and How to Defend Against Them | Online

About this event

Join us for our next Tech Talk on WebApp Security!

When designing any application in today's digital age, security cannot be an afterthought. Building on the experience as a penetration tester at NCC Group, this presentation will explain typical web app vulnerabilities, how a professional hacker goes about exploiting them, how to protect against them and take a couple relevant web application frameworks as examples to show how they handle most of the work for the developer.

Attendees will learn how to perform basic security testing against a web application. Insight will be provided on recurring and systemic mistakes discovered by NCC Group during security assessments and how to avoid them. Finally, attendees will learn a framework on how to incorporate security during the architecture or redesign phases of information systems.

More about the speaker:

Valentin Leon is a Principal Security Consultant and has been with NCC Group for 4 years, performing penetration testing for a broad range of clients and technologies. He has worked in the computer industry for over 10 years, dividing his attention between development and security analysis. He has worked and contracted for a number of security and software companies, including fortune 500 companies such as Bloomberg as well as startups. Valentin leads engagements testing web applications of varying backends including .Net, Java, C/C++, and Python, internal and external network assessments, architecture and hardware reviews, protocol analyses, and mobile application reviews. Valentin has performed security research in the following areas: RFID, LTE, iOS and IMAP. Valentin has also given talks at the AT&T Cyber Security Conference.