• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

How Low and Medium Vulnerabilities Can Own Your Site

As more and more companies are breached via the web, security professionals continue to focus their attention on the critical and high severity vulnerabilities. While this approach would seem to make sense, it overlooks the fact that attackers are getting in through a key attack vector: low to medium severity vulnerabilities. Chained together, these “low hanging fruit” vulnerabilities can own your web application.

This presentation will help security teams think more holistically about the attack landscape. It will illustrate how an attacker can chain together lower end vulnerabilities to own your web application, the tools and tactics they might use, and how to prevent this from happening to you.

Key learning points:
  • How attackers are making big breaches exploiting small vulnerabilities
  • Attacker tools and tactics to own your web application
  • How to prevent attacks that use chained vulnerabilities
  • Why security teams should think holistically about the attack landscape

About Brett Gravois

Brett Gravois is a member of the Perimeter Scanning Services team at Rapid7. He has over 16 years of experience in IT and Security, specializing in PCI practices, vulnerability scanning and management.

Primary Sidebar

Details

Tuesday May 17, 2016
9:45 AM - 10:45 AM
Room 14
Level: Intermediate
Focus: Cybersecurity

Share this page

Share on Facebook
Facebook
Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin
Buffer this page
Buffer
Email this to someone
email

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.