James Jardine is CEO of DevelopSec, owner of Jardine Software, an application security consultancy, as well as founder and regular contributor to the Down the Security Rabbit Hole and DevelopSec podcasts. He has over 16 years of experience focusing on application security and software development. James has presented at multiple conferences, including DerbyCon, Infosec World, Hacker Halted, and many more. He has also taught courses for the SANS Institute as well as at BlackHat and DerbyCon.
Saturday 2:30 PM - 2:30 PM
C Track Atlantica C
Have you heard the echoes in the office talking about application security? Have you heard flaws like SQL Injection, Cross-site Scripting or XML External Entities mentioned, but are not sure what they really are? In this session, we will walk through multiple demonstrations of these commonly identified vulnerabilities. We will discuss each flaw at a high level as we walk through a demo exploiting it. We will then mention some potential mitigation strategies for each one. This demonstration will provide a better understanding of what these vulnerabilities are and why they really matter to your organization and your applications. The goal is not to teach how to hack, but instead to understand the risks of vulnerabilities and how easy they are to exploit.