A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:


It's Just a Flesh Wound! - Brett Gravois NolaCon 2016 (Hacking Illustrated Series InfoSec Tutorial Videos)

It's Just a Flesh Wound!
Brett Gravois

As more and more companies are breached via the web, security professionals continue to focus their attention on the critical and high severity vulnerabilities. While this approach would seem to make sense, it overlooks the fact that attackers are getting in through a key attack vector: low to medium severity vulnerabilities. Chained together, these 'low hanging fruit' vulnerabilities can own your web application. This presentation will help security teams think more holistically about the attack landscape. It will illustrate how an attacker can chain together lower end vulnerabilities to own your web application, the tools and tactics they might use, and how to prevent this from happening to you.

Brett Gravois is a member of the Perimeter Scanning Services team at Rapid7. He has over 16 years of experience in IT and Security, specializing in PCI practices, vulnerability scanning and management.

Recorded at NolaCon 2016

Back to NolaCon 2016 video list

Printable version of this article

15 most recent posts on Irongeek.com:

If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast