- Tools & Templates
- Security Jobs
- Data Protection
- Identity & Access
- Business Continuity
- Physical Security
- Security Leadership
RSA preview: Drive-by downloads: How to avoid getting a cap popped in your app speaker
I usually decide such things a couple minutes beforehand, because I like to live security conferences on the edge. But the description of a talk Neil Daswani and Lars Ewe plan to give could be interesting.
Read and judge for yourselves:
Session Code: HT2-203Session Title: Drive By Downloads: How to Avoid Getting a Cap Popped in Your AppSpeaker: Neil Daswani, Co-Founder and Chief Technology Officer of Dasient Inc. and Lars Ewe, Chief Technology Officer and Vice President of Engineering at Cenzic, Inc.
Scheduled Date(s)/Time(s): Wednesday, February 16 11:10 AM
Red Room 104Session Length: 50 minutes
Session Abstract: This talk will present state-of-the-art web-based malware attacks and describe how the techniques used have evolved over time. Learn how today’s attackers use additional mechanisms to inject malicious code, conduct multiple injections into a single web page, use multi-DOM node injections, foil first generation web-based malware scanners and rely on social engineering technologies.Prerequisite knowledge Attendees should have a general understanding of web application security and malware threats.Session learning objectives
Attendees will gain increased awareness of drive-by-downloads, and how they have morphed over time, as well as an understanding of modern drive-by-download techniques. To support this, we will provide code samples of new, modern-day drive-by-download attacks and highly technical information. We will also provide pointers to freely available resources, including a Twitter data feed that can be used by attendees and webmaster to stay on top of the newest drive-by-download infection types.
I'll highlight more of these as I dig deeper.
Thanks to cloud computing, your business data is everywhere and being accessed by everyone. Making the wrong decision to protect your data can result in high costs, increased risk and executive exposure. View this live webinar on cloud security and the evolving data center, and learn why a data-centric approach to security is the best bet for today's virtual environment.
- Redefine Business Portability
- Prevent Mobile Devices from Loading Dangerous Code
- Expanding Your Security Perimeter: Common Sense for Navigating Today's Threat Landscape
- Fighting Fraud Videos: IBM Intelligent Investigation Manager
- IBM Intelligent Investigation Manager: Online Product Demo
- Webinar: IBM IIM for Fraud, Abuse and Waste in Government