In the last twenty years, web applications (browser and mobile) have become the primary tool for consumers to conduct commerce and financial transactions. This was not, however, the original design goal of the World Wide Web. As a result, we are using financial applications that are often vulnerable to misuse. This presentation will provide an overview of some of the underlying weaknesses of web applications and the techniques used to address these security vulnerabilities. The presentation will cover how open source software impacts the security of these applications, and how white hat hackers play a role in improving the security of our products. Attendees will gain insight into the real risks present in web applications, and an understanding of some of the ways to mitigate these risks through a comprehensive secure application development lifecycle approach.
- Understand why web applications keep having security problems
- Learn about white hat hackers and how they are improving the security of our applications
- Understand the concepts of a Secure Software Development Lifecycle
About Scott Forbes
Scott Forbes, CISSP, CSSLP, has worked as a web application developer and architect for 20 years, and has led the development of secure mission-critical web applications and web services in the retail and financial services industries. Forbes has in-depth knowledge of a broad spectrum of web, mobile and cloud technologies. He is a Sun (Oracle) certified Java/web component developer, and is an active member of InfraGard and the Open Web Application Security Project (OWASP).