Session Sponsored by:
More and more organizations face very real DDoS threats that impact service availability and translate to brand damage. The most common approaches to mitigating DDoS attacks are reactive controls placed in the network path and upstream provider countermeasures. Unfortunately, many organizations overlook simple and cost-effective application-layer controls that can significantly bolster their defenses against DDoS attacks. This talk will take a focused look at what type of actions can be taken to make web applications more resistant to resource depravation attacks.
About Kevin Nassery
Kevin Nassery has more than fifteen years of experience building and breaking information systems. He is currently a Managing Consultant at Cigital where he specializes in application security program development, security architecture, and penetration testing and is a frequent speaker on a wide array of security and technology issues. Prior to joining Cigital, Kevin led US Bank’s Assessment Services program where he had complete responsibility for penetration testing, application security, and vulnerability management operations. He holds a MS from DePaul University where his focus was on network protocol design and security, and has maintained his CISSP since 2002.
