Free

OWASP Austin Chapter Monthly Meeting - May 2017

Event Information

Share this event

Date and Time

Location

Location

National Instruments

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Event description

Description

Annoying web app vulnerabilities: HTTP Request Smuggling, HTTP Response Splitting and Cross-Origin Resource Sharing Misconfigurations.

Part 1:

Abstract: HTTP Request Smuggling is an attack capable of bypassing security protections and "poisoning the well" for caching web proxies. In this talk we'll be discussing attack scenarios and their security implications.

Speaker: Gabriel has been actively involved in the security industry since 2007 and currently holds the position of security analyst at Rapid7.

Part 2:

Abstract: HTTP Response Splitting is a web application vulnerability that is often misunderstood, but can lead to a serious compromise. This talk will walk through the basics of Response Splitting, how an attack works, and what you can do to defend against it.

Speaker: Ben Columbus is a security analyst for Rapid7, who specializes in network and web application penetration testing. He has been working in security for the last eight years in various positions and was previously a penetration tester for the State of Texas.

Part 3:

Abstract: The talk will provide information about headers used for Cross-Origin Resource Sharing (CORS) and how servers use these headers to communicate access policy to browsers. The possible security implications of misconfigured CORS headers will be discussed.

Speaker: Jacob enjoys learning about security vulnerabilities and their usage in the real world.


Food: Taco Deli. Arriving at 11:30 AM gives you time to get some food and find a seat. We try to start the meeting around 11:50 AM.

Share with friends

Date and Time

Location

National Instruments

11500 North Mopac Expressway, Building C

Austin, TX 78759

View Map

Save This Event

Event Saved