HITBSECCONF2012 - MALAYSIA

THERE WILL ONLY BE A MAXIMUM OF 1010 SEATS SOLD - BE SURE TO REGISTER EARLY!!!

For up to the minute updates on HITB2012KUL, please follow our @hitbsecconf Twitter stream or join our Facebook Group

MEDER KYDYRALIEV (Google Security Team)

PRESENTATION TITLE: Defibrillating Web Security

PRESENTATION ABSTRACT:

Whether you are a consultant or a software engineer, you have probably realized by now that we’re not really making a lot of progress on server-side web security. Consultants benefit from the resulting job security and developers want to focus on building awesome technology without spending a lot of time and energy building reusable security solutions, which are hard. Come and hear about the fallacies of the current approaches and a couple of ideas no how to address some of them.

Among other things, this talk will introduce you to contextual runtime taint tracking system with PoCs in Java and Ruby.

ABOUT MEDER KYDYRALIEV

Meder has been working in the area of application security for nearly a decade. He’s poked at, broken, and helped fix a lot of code businesses and parts of the Internet depends on (Struts2, JBoss Seam, Google Web Toolkit, and Ruby on Rails, to name a few). Some of the things that excite him include: karaoke, server-side security, kumys and making software security easier.

EVENT ORGANIZER

SUPPORTED AND ENDORSED BY

GOLD SPONSORS

SILVER SPONSOR

HACKWEEKDAY SPONSOR

TITANIUM SPONSOR (POST CONFERENCE RECEPTION + SPEAKER RECEPTION)

ALCO_PWN SPONSOR (POST CONFERENCE RECEPTION)

CTF SPONSOR

CTF PRIZE SPONSOR

CTF MANAGED BY

VIDEO RECORDING SPONSOR

NETWORK EQUIPMENT SPONSOR

INTERNET CONNECTIVITY SPONSOR

ADDITIONAL SUPPORT BY

SUPPORTING MEDIA

FRIENDS OF HITB

Copyright © 2012 Hack In The Box | http://www.hackinthebox.org

PRESENTATION TITLE: Defibrillating Web Security

PRESENTATION ABSTRACT:

Among other things, this talk will introduce you to contextual runtime taint tracking system with PoCs in Java and Ruby.

ABOUT MEDER KYDYRALIEV