Web application security is much more then running a security scanner and turning over the results to the customer. Pen testers are missing business logical, authentication and other vulnerabilities because security scanners are not good at finding them. This talk will explain how to automate the scanning process and free up more time to spend on business logic vulnerabilities and other commonly missed things.

Security Professional that is passionate about protecting company assets from cyber threats, skilled at offensive security and defensive security. Over the course of my career I have obtained certifications in Network security and System administration. A self starter that is always looking for ways to do things better and challenge myself. Specialties include:Penetration testing, Incident response, Information Security Solution Development, System administration, Network administration, Process automation, Firewall administration and Anti-virus management.

Back to Bsides Cleveland 2017 video list