The High Risk of Low Risk Applications

DerbyCon 3.0 - All In The Family

Presented by: conrad reynolds
Date: Friday September 27, 2013
Time: 17:00 - 17:50
Location: Track 1
Track: Break Me

Is your network being hacked by agents of foreign governments? That’s a shame. But your web applications might be susceptible to attacks from much more everyday threats. To counter them, does you company do application risk assessments? There are always limited resources to doing assessments and testing; how do you decide which applications deserve the most attention? In this talk, we will review a real-life situation where what management thought was a innocent little low risk application actually had some nasty secrets in its closet.

conrad reynolds

“Conrad has held a variety of positions in IT Audit, Application Development, Management, and Web Security in Fortune 50, non-profit, and government sectors. He has been implementing and advising on IT security solutions for several years. He currently hacks government web apps for a living.”


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats