A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Web Application testing - approach and cheating to win - Jim McMurry & Lee Neely & Chelle Clements Derbycon 2017 (Hacking Illustrated Series InfoSec Tutorial Videos)

Web Application testing - approach and cheating to win
Jim McMurry & Lee Neely & Chelle Clements
Derbycon 2017

As security professionals we are often called upon to assess the security of web delivered applications and/or services. Not all of us have either experience or a methodology for responding to this type of assessment request. Web based applications and services are the key technologies behind modern service delivery. And their security, or lack thereof, can make or break a company. We will lay out an approach to follow including tools to help with the assessment throughout each step of the process. We will discuss free and commercial products that can assist the assessment process. The user will leave with information they can take back to their home organization to serve as a foundation for either an ad-hoc or ongoing capability.

Jim McMurry is an accomplished Technologist with an entrepreneurial mindset with over 23 years of combined experience in Security, Information Technology, Telecommunication, Networking, Management and Software development. Jim's varied experience in network security, military projects, IT and high-tech arenas, with startups through Fortune 1000 companies, provides him with a unique set of tools as he grows Milton Security. He volunteers for numerous charities, and supports Veterans through the Milton Veteran Hiring program. Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory with over 25 years of extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. He currently leads LLNL’s Entrust team and is the CSP lead for new technology adoption specializing in mobility. He teaches cyber security courses, and holds several security certifications including GMOB, GPEN, GWAPT, GAWN, CISSP, CISA, CISM and CRISC. He is also the Technology Director for the ISC2 Eastbay Chapter. Chelle Clements has been associated with computer science and cyber security for over 20 years. She has an AAS in Environmental Science from Northern Virginia Community College, and a BS and an MS in Information Systems Management from University of San Francisco. She is an Army Veteran, one of the first women in the Corps of Engineers (she has some great stories!). She spent 30-years at Lawrence Livermore National Lab as a researcher in three different fields (chemistry, physics and computer science) and also as a community outreach volunteer. She currently supports several Veteran causes with pro bono web development (such as East Bay Stand Down) and serves on her city’s art commission.

Jim - @jmcmurry, Lee - @lelandneely

Back to Derbycon 2017 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast