Session Title

Crash Course in Brain Surgery

Abstract

Crash Course in Brain Surgery (by "brain" I mean "application",
and by "surgery" I mean "security").

Since Codebits is mainly a coder/developer conference, this presentation will be about developing applications securely, primarly Web applications. As we have seen this year, most "standard" flaws, such as XSS and SQLinjection are still being found and exploited in low and high profile applications (remember the Heartland Payment Systems breach, using SQLinjection, where millions of CC numbers were stolen, or the BarackObama.com website ?), even though these vulnerabilities have been known for almost a decade. My talk focuses on raising awareness on the need for developers to think about security, and integrating security throughout the software development lifecycle, helping developers understand the problems, and how these can be avoided. In the talk I'll try to show different types of flaws (language agnostic), from technical flaws (XSS/CSRF/SQLi/etc), to design flaws, business logic flaws, access control flaws, etc, as well as sharing real world examples and experiences from different applications which have #failed.

Language

Portuguese

Speakers

Bruno Morisson

Bruno Morisson is a Senior Information Security Consultant at Commet, a new IT services company from the Oni Group. He currently leads the IT Security Operations teams at Commet, providing services to customers in the financial, public and energy sectors, to who he also provides consultancy, engineering, and auditing services. For the last 10 years he's been involved in several areas of Information Security, from consulting, architecture, engineering, auditing and penetration testing, as well as integration of opensource security solutions. He was one of the founders of the portuguese chapter of the Honeynet Project, and holds several certifications in Information Security (CISSP, CISA, ISO27001 Lead Auditor). (more)


Where

Stage 1

When

Friday, 4 of December of 2009, from 12:00 to 13:00

Files and video

Video

Slideshare

Attendees

Alexandre Amaral de CarvalhoAlexandre Amaral de Carvalho André CruzAndré Cruz Andreia GaitaAndreia Gaita Artur Jorge MartinsArtur Jorge Martins Bernardo RaposoBernardo Raposo Bruno Miguel Bota BarretoBruno Miguel Bota Barreto Bruno MorissonBruno Morisson Bruno SilvaBruno Silva Carla Vanessa Ferreira Alves LeiteCarla Vanessa Ferreira Alves Leite Carlos MoutinhoCarlos Moutinho Carlos RodriguesCarlos Rodrigues Cátia NunesCátia Nunes cíntia pereiracíntia pereira David Emanuel da SilvaDavid Emanuel da Silva David José Vaz cruzDavid José Vaz cruz David JúlioDavid Júlio Dinis CorreiaDinis Correia Felipe Ávila da CostaFelipe Ávila da Costa Filipe Manuel Miranda da CruzFilipe Manuel Miranda da Cruz Filipe VarelaFilipe Varela Francisco AscençaoFrancisco Ascençao Jean FigueiredoJean Figueiredo João BordaloJoão Bordalo João Miguel Forte OliveirinhaJoão Miguel Forte Oliveirinha João Paulo CarvalhoJoão Paulo Carvalho João Paulo Martins MachadoJoão Paulo Martins Machado João Pedro PereiraJoão Pedro Pereira João PoupinoJoão Poupino joão ramosjoão ramos João Rui MartinsJoão Rui Martins João SantosJoão Santos Jorge Miguel Ferreira AlvesJorge Miguel Ferreira Alves José Manuel CanelasJosé Manuel Canelas José Rodrigues da Mata FernandesJosé Rodrigues da Mata Fernandes José Vasco Fidalgo PatrícioJosé Vasco Fidalgo Patrício Luís CoutoLuís Couto Luis NabaisLuis Nabais Luís Pedro Zamith de Passos Machado FerreiraLuís Pedro Zamith de Passos Machado Ferreira Manuel João SilvaManuel João Silva Márcio MoreiraMárcio Moreira Marco NevesMarco Neves Nelson AntunesNelson Antunes Nuno DantasNuno Dantas Nuno CardosoNuno Cardoso Paula ValencaPaula Valenca Pedro CavacoPedro Cavaco Pedro DiogoPedro Diogo Pedro FrazãoPedro Frazão Pedro Moura PinheiroPedro Moura Pinheiro Renato LourençoRenato Lourenço Ricardo AugustoRicardo Augusto Ricardo Dias MarquesRicardo Dias Marques Ricardo SantosRicardo Santos Rogério MachadoRogério Machado Rui LopesRui Lopes Tiago Boldt SousaTiago Boldt Sousa Tiago HenriquesTiago Henriques Tiago MendoTiago Mendo Tiago SáTiago Sá Tiago SerraTiago Serra Tim Koch-GrünbergTim Koch-Grünberg Tomás SenartTomás Senart Wilson Manuel Sousa AlbertoWilson Manuel Sousa Alberto


Estimated head count: 109 people
(based on the total of persons interested in this talk and the universe of people attending Codebits)

Attendance

Full calendar
List of sessions