Web Application Attacks and Countermeasures: Cases Studies from Financial Systems# t6 |7 K7 J5 g4 i/ a0 o
5 c Y3 W4 j$ j2 z
时间:
Jan 23th 2:30pm- I. z6 ^$ y# \/ {1 \5 g1 `% b
地点: EBC church secondfloor meeting room.
4 v# P) g4 m, ^% V2 B. w 2121 Cedar Hill Cross Rd.
; j1 j0 m0 G7 q" |: R' I
$ B' T z1 P8 B& s. Z5 n5 jPresented By: D
r. Yanguo (Michael) Liu
: A2 v' [& P7 d& I @( C/ z6 h0 }
0 [8 `3 J Z5 Z/ I$ P
Summary: Web applications are commonly provided by today’s financialorganizations, supporting diverse online services in various businesscontexts. Attacks and malicious activities targeting on webapplications of financial systems increased dramatically in recentyears as traditional network-level security devices can’t detect andcounter adequately web application attacks. Compromises of webapplications can lead to the exposure of business crucial informationstored on the backend database system. Some web attacks areparticularly concerned by application developers since severe financiallosses can be caused by the success of those attacks. This presentationwill introduce some typical attack types faced by financial webapplications along with their corresponding real life mitigatingcontrols.
2 X y0 [6 ~! G2 i6 u# N
7 u9 }7 T @ n% T5 i) }( ZSpeaker's brief Bio:Dr. Yanguo (Michael) Liu received his B.Eng (Electrical Engineering)from HIT, China and MAsc. PhD degrees in softwareengineering from University of Victoria, Canada. His academic researchfocused on technologies andmethodologies in software security engineering, including formalverification of software specification and software security metrics,etc. Dr. Liu started to work in industry during his graduate studiesand have obtained experiences in different domains of informationsecurity, such as Cryptography, Operating system security, andApplication and Systems Development Security, etc. He is currentlyworking as an application security consultant for the global ITsecurity team, HSBC Inc. Michael also maintains a certified informationsystemssecurity professional (CISSP).
+ P4 C9 O H; Y' s
4 h' C( \2 W) t" J
4 A7 a& e. z8 S3 w7 DEveryone is welcome!( T. F! s3 {+ {$ d
4 V. ~- \4 ^' j$ X$ N& I. i' v欢迎大家加入
维多利亚 IT 俱乐部: Currently over 100 members
4 }0 M0 g7 ?5 s4 ]8 hhttp://groups.google.com/group/victoria_it?hl=en