Securing Web Applications Made Simple and Scalable

  • Thursday, 10 Oct 2013 1:00PM EDT (10 Oct 2013 17:00 UTC)
  • Speakers: Stephen Sims, Mark Painter, Gregory Leonard

Many organizations put an enormous amount of responsibility and faith into automated penetration testing frameworks, and security professionals have an obligation to ensure these tools meet these high demands. Web applications are still one of the most common vehicles in which attackers breach confidentiality, exposing sensitive data and often pivoting through into an organization's internal network. In this one-hour webcast we will take a close-up look at the latest version of HP's WebInspect tool, and give you insight as to how it can be effectively used to secure your web applications. Most importantly, we want to evaluate its effectiveness in meeting critical requirements including:

  • Automation and Ease in Configuration
  • Support for Large Scans
  • False Positive Reduction
  • Advanced Attack Technique Simulation
  • Detailed Reporting and Remediation Guidance

We will walk through various attack scenarios and examples, such as SQL Injection and Cross-Site Request Forgery (CSRF), interpreting the results and providing insight into the latest features.

Sign up for this webcast and be among the first to receive an advance copy of a SANS whitepaper containing details of Gregory Leonard's review of HP WebInspect, in which he was advised by Stephen Sims.

Click here to view the associated whitepaper.