Why do we skip the easy stuff? Web applications are easy targets because the default configuration is typically wide open. This talk will cover some quick techniques to protect your web servers and your customers. We will discuss basic configurations for servers and maybe a little code. You will see real-world attack demos that you can test yourself. And I will explain each attack in a way that provides actual risk context.

David is a family man that takes time out for Xbox, woodworking, and good whiskey. He forgets things due to years of rugby but is old enough to appreciate keeping notes in a paper notebook. David found his love for computers early, going with his dad to the computer store and watching him build 8086 clones. After high school, David joined the US Army and spent some time as a Cav Scout. After leaving the Army, David started his career as a developer for a few small businesses. Since then, he has been in Systems Engineering and InfoSec for around 15 years. This work has taken him through positions in the Department of Defense, Intelligence Community, USSOCOM, and the Dept. of Veterans Affairs. David enjoys dissecting software and helping developers better understand how to create resilient applications. David is the President of the Charleston, SC ISSA chapter, a Red Team member on PCDC, and runs the CTF for bSides Charleston. You can find him speaking at smaller conferences or rambling about meaningless junk on Twitter.

@dacoursey

Back to BSides Augusta 2016 video list