Without security training, developers may not fully understand the adversary trying to break their code.
King of Prussia, PA (PRWEB) February 25, 2013
Allied InfoSecurity today announced that it will be sharing its Web Application Security expertise in a session called “Defending the Web! A Hacking Perspective”, to be presented at the Information Systems Security Association (ISSA) Delaware Valley chapter’s meeting on Friday, March 1, 2013, in Trevose, PA. Speaking on this subject will be Michael Piscopo, Director of Technical Consulting Services with Allied InfoSecurity, Inc.
“With such a high percentage of client-facing services provided through web applications in today’s business environment,” says Mr. Piscopo, “developing them as securely as possible is absolutely critical to protecting both your clients’ data and trust in your corporate brand. Without security training, developers may not fully understand the adversary trying to break their code.”
This presentation reveals how common vulnerabilities allow hackers to gain illicit access to web applications and sensitive client information, and some of the basic approaches hackers may take to uncover and exploit the most common vulnerabilities. Pulling real-world examples and experience from Allied InfoSecurity’s penetration testing team, some of the most common OWASP Top-10 categories will be discussed.
Michael Piscopo, CISSP, INFOSEC, CCNP, MCSE, has held roles throughout his career in network and server engineering, software development, and information security. These skills, combined with years of ethical hacking experience, results in a unique understanding of technical risks, as well as a world class capability to help organizations understand (and just as importantly to avoid) many of the common pitfalls in building a web application defense strategy. He holds a BS in Aerospace Engineering from Virginia Tech.
The Delaware Valley Chapter of the ISSA serves security professionals in Southeastern Pennsylvania, Southern New Jersey, Delaware, and Maryland. Members and sponsors collaborate in sharing knowledge and materials relevant to information/computer/network security.
About Allied InfoSecurity
Established in 2006, Allied InfoSecurity is an independent company focused on security and staffed by certified security professionals. As a consulting and outsourcing provider, it helps businesses to improve and manage information security programs, mitigate risk, and respond to regulatory and marketplace demands more quickly and effectively than most companies could do on their own.
Allied InfoSecurity offers a full range of information security capabilities and services that address business processes, technology, and the human element of security. Just as important, its partnership approach to delivering services provides easy, flexible access to the full breadth of its expertise.
To receive complimentary issues of InfoSecurity News weekly, as well as periodic announcements of free online webinars and upcoming events, go to Allied InfoSecurity's Registration Page. Or email questions, comments, or requests to ask (at) alliedinfosecurity (dot) com.