Albuquerque, NM (PRWEB) August 16, 2012
This course is not for beginners! As one of Hacker Halted Academy’s Advanced Hacking offerings, Advanced Application Security is an intensive course that will take a deep dive into today’s latest risks in the programming environment, look at current prevention tools, and discover how new attacks are trying to infiltrate the application environment. Most importantly, instructor Tim Pierson will teach participants how to stop these attacks by defensively writing their code.
Participants will learn new techniques for hardening applications from within as well as how to attack web applications, off the shelf binary applications, and popular runtimes such as .net, java, and even Adobe AIR, in a legal and ethical way. “Learning where mistakes are made and ensuring every aspect of the principles of application security is in order,” Mr. Pierson explains.
Mr. Pierson hopes participants will gain a profound understanding of how perpetrators affect the functionality of things like DEP and ASLR. “For example,” Mr. Pierson continues, “knowing that DLL’s most typically load from a known location, we will deal with the notion of what is called return oriented programming (ROP) gadgets. This is the concept where perpetrators will jump to the end of subroutines in that DLL, and then the subroutine finishes and returns to the caller, that is, to them.”
By cleverly using the so-called “tails of existing code,” the person behind the screen is able to avoid the Data Execution Protection (DEP), because they’re not executing data. “They’re actually executing Microsoft’s code,” which Mr. Pierson says is “certainly not the way that Microsoft intended it to be used.”
Participants will leave this class realizing some of the most common mistakes made during the development lifecycle and will gain a better understanding of how to create a proactive defense code. This course is part of Hacker Halted’s full line-up of Academy classes that includes their flagship class, Certified Ethical Hacker.
To learn more about Hacker Halted Academy or to register for this class, please visit: http://www.hackerhalted.com/2012.
About Tim Pierson
Technical trainer for the past 23 years and is an industry leader in both Security and Virtualization. He has been a notable speaker at many industry events including Novell's Brainshare, Innotech, GISSA and many military venues including the Pentagon and numerous nuclear facilities addressing security both in the US and Europe. He is contributor to Secure Coding best practices and coauthor of Global Knowledge Windows 2000 bootcamp. Current projects include contributing author of "VMware Virtual Infrastructure Security:- Securing ESX and The Virtual Environment" released in April 2009 by Pearson Publishing and has done work for the bimonthly Virtualization Security Roundtable Podcast available as a download on iTunes and Talk Shoe. Tim is one of the EC-Council's Master Instructors.
About Hacker Halted
EC-Council’s flagship information security conference, Hacker Halted, aims to raise awareness toward increased education and ethics in information security. This information security conference series covers in-depth topics into the development of security issues plaguing the world. Hacker Halted features many world-renowned subject matter experts and high-level speakers, as well as some of the best technology companies showcasing their products and services. Hacker Halted provides the most sought after technical training and certification classes offered through Hacker Halted Academy by top training companies and led by well-respected instructors. Hacker Halted has grown; from a single annual conference in Miami to a global conference series with events held in Malaysia, Dubai, Egypt, Singapore, Mexico, and Japan since its inception in 2009.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in various e-business and security skills. EC Council is the owner and developer of the world-famous E-Council Certified Ethical Hacker (CEH), Computer Hacking Forensics Investigator (C|HFI), Certified Security Analyst (ECSA), License Penetration Tester (LPT) programs, and various others offered in over 60 countries around the globe. These certifications are recognized worldwide and have received endorsements from various government agencies including the US Federal Government via the Montgomery GI Bill, and the US Government National Security Agency (NSA) and the Committee on National Security Systems (CNSS) certifying EC-Council’s Certified Ethical Hacking (CEH), Network Security.