Last Day to Get a MacBook Air, Surface Pro 7, or $350 Off with OnDemand - Register Now!

Pen Test HackFest 2019

Bethesda, MD | Mon, Nov 18 - Mon, Nov 25, 2019
This event is over,
but there are more training opportunities.

Leveraging Graph Databases to Find Zero Days & Business Logic Flaws

  • John McDonald, Director of Engineering
  • Tuesday, November 19th, 12:15pm - 1:15pm

This technical lunch & learn, will teach application security professionals how to query a semantic graphical representation of their source code to identify business logic flaws and zero day vulnerabilities including: data leakage, rootkits, backdoors, logic bombs, sql injection, cookie injection and XXE. Many of these vulnerabilities cannot be found by traditional code analysis tools, which rely on pattern-matching, because traditional code analysis has no insight into unique business logic or custom sanitization steps. However, new graph-based approaches, that combine the security analyst's knowledge with powerful query languages, are helping identify zero-day vulnerabilities 10-20X faster than manual review.

ShiftLeft

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Tuesday, November 19
Session Speaker Time Type
Leveraging Graph Databases to Find Zero Days & Business Logic Flaws John McDonald, Director of Engineering Tuesday, November 19th, 12:15pm - 1:15pm Lunch and Learn
HackFest Night Out! Tuesday, November 19th, 6:00pm - 8:00pm Special Events