AIM | HDC has ended

AIM Heartland Developer Conference is the region’s best developer & designer conference covering the latest trends, techniques, technologies, and best practices in software design and development.

As a conference attendee you have access to all sessions (on Thursday and Friday) so you can plan your own custom itinerary. There is a separate fee of $50 for workshop sessions held on Wednesday, September 7.  

Schedule is subject to change.

To learn more about AIM HDC, visit heartlanddc.com

Back To Schedule
Friday, September 9 • 11:15am - 12:00pm
Oops We Forgot: From the Eyes of an Attacker

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The world is filled with frameworks packed with layer after layer of protection. Things like XSS and SQL Injection are becoming easier to mitigate by simply using a pre-built library. OAuth, SAML, and OpenID are drop in authentication / authorization frameworks. TLS libraries are baked into every major language now. Yet the role of a penetration tester is still a valuable one that frequently bears fruit. Why?

From the eyes of a programmer-turned-application penetration tester, these are the top 10 things I see development teams forgetting to do in production despite the presence of such powerful libraries. We'll go over each basic item, explain the risk involved, how to mitigate, and discuss the likely reasons we forget about them.

avatar for Ethan Wilder

Ethan Wilder

Manager Application Security, Allstate

Friday September 9, 2016 11:15am - 12:00pm CDT
Windsor III-IV