Abstract

Offensive security involves finding security vulnerabilities in software. Not so long ago, vulnerabilities like SQL Injection and Cross-Site Scripting were easy to find and exploit.

In recent years, however, in the aftermath of many high-profile attacks, many organisations and developers have been paying attention to security. We now have mature security best practices and guidelines. Most frameworks and libraries have inherent security controls that prevent commonly known attacks. As a result, vulnerabilities that were once easy to find and exploit have become difficult to find and complex to exploit.

DevSecOps, a combination of cultural philosophy, concepts, and tools, has taken this even further. The DevSecOps process involves utilizing many libraries and frameworks that allow us to automate the build, deploy, and testing phases. The DevSecOps practice has caused web applications to become inherently secure against previously widespread attacks. This doesn't mean that the applications have become completely secure; rather, the attack surface has changed.

This talk focusses on how the face of offensive security, or penetration testing, has evolved with evolving security and the DevSecOps philosophy.

Speaker

Faiz

I am a Freelance Cyber Security Consultant and Trainer.

You can talk to me about:
1) Penetration Testing
2) Cloud and Infrastructure Security
3) Privacy

Timing

Starts on Sunday, August 18, 2019, at 03:00 PM. The session runs for 30 minutes.

Resources