Seven Cyber Security Courses in Orlando - Oct. 28-Nov. 2. Save $200 thru 9/25.

San Francisco Spring 2019

San Francisco, CA | Mon, Mar 11 - Sat, Mar 16, 2019
This event is over,
but there are more training opportunities.

Hunting Logic Attacks

  • Hassan El Hadary
  • Tuesday, March 12th, 7:15pm - 8:15pm

One of the most challenging problems to developers these days is to develop secure applications. Development platforms have provided several techniques to protect from common attacks such as Cross-Site Scripting, SQL injection, and others. However, logic attacks are still the hardest to stop. It is tricky and hard to discover. Logic attacks could allow an attacker to gain access to sensitive data or get control of unauthorized systems. In the era of IoT and complex applications, logic attacks will have higher impact. In this talk, we will present several logic attack stories that allow attackers to break developer defenses. All stories are inspired from findings discovered in real life professional experience and bug bounty programs. Finally, we will discuss the future of such attacks and their impact on IoT systems.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
Monday, March 11
Session Speaker Time Type
General Session - Welcome to SANS David Hoelzer Monday, March 11th, 8:00am - 8:30am Special Events
OODA Security: Taking Back the Advantage Kevin Fiscus Monday, March 11th, 7:15pm - 9:15pm Keynote
Tuesday, March 12
Session Speaker Time Type
Hunting Logic Attacks Hassan El Hadary Tuesday, March 12th, 7:15pm - 8:15pm SANS@Night
Wednesday, March 13
Session Speaker Time Type
No Seriously, I Can Still See You! Jonathan Ham Wednesday, March 13th, 7:15pm - 8:15pm SANS@Night
Thursday, March 14
Session Speaker Time Type
Data Protection in the Public Cloud- a Look at the Good, the Bad, and the Ugly Kenneth G. Hartman Thursday, March 14th, 7:15pm - 8:15pm SANS@Night