Many organizations focus on defending their networks and their applications. This presentation will review frameworks and projects that intentionally showcase how not to do it, and discuss the many benefits of such projects.
Topics of discussion and some light demos will include:
· Testing network and application scanners (products)
· Testing network and application scanners (people)
· Testing source code analysis tools
· Examining code that allows the vulnerabilities
· Testing of network and application firewalls
· Testing of IDS/IPS systems
· Reviewing evidence left by attacks
· Having fun and generating interest in the field