Title: Effective Approaches to Web Application Security - Zane Lackey
This presentation will focus on new and interesting approaches to web application security problems posed by a continuous deployment environment. Specifically, this presentation will cover useful security systems such as automatic vulnerability and application fault detection, effective platform defenses for XSS/SQLi, practical security alerting mechanisms, and visualizations of security related data. This talk demonstrates how to create these systems using free tools that improve security posture without commercial security products.
Speaker: Zane Lackey, Security Engineer Manager, Etsy
Zane Lackey leads the security groups at Etsy, the world’s marketplace of creative independent businesses. Prior to Etsy, Zane was a Senior Security Consultant at iSEC Partners with a focus in the fields of mobile and web application security.
His research has been featured in notable media outlets such as the BBC, Associated Press, Forbes, Wired, CNET, SC Magazine and numerous others. A frequent speaker at top industry conferences, he has presented at BlackHat, RSA, Microsoft BlueHat, Toorcon, DeepSec, SANS, OWASP, guest lectured at NYU, and in 2010 was named as one of 12 prominent security researchers by Network World magazine.
He is a contributing author of Mobile Application Security (McGraw-Hill), a co-author of Hacking Exposed: Web 2.0 (McGraw-Hill), and a contributing author/technical editor of Hacking VoIP (No Starch Press). He holds a Bachelor of Arts in Economics with a minor in Computer Science from the University of California, Davis.
Date:Friday October 26, 2012 10:00am - 10:45am
Location: AppSecUSA, Austin, TX. Hyatt Regency Hotel. NTObjectives Room