April 13, 2007; 06:13 AM
WhiteHat Security announced today that Jeremiah Grossman, founder and CTO, will present at the upcoming New York/New Jersey Metro OWASP meeting in Jersey City, New Jersey. Grossman will examine internal website vulnerabilities and illustrate how such weaknesses can compromise overall corporate security.
Grossman will track the infiltration of a website by an outside party from initial access to the ultimate manipulation of the entire Web browser.
The presentation will demonstrate:
-- How users are first infected using a malicious Web page or cross-site
scripting (XSS) vulnerability,
-- Remote monitoring and control of infected Web browsers,
-- Web browser reconnaissance on internal networks, and
-- Using a compromised Web browser to exploit internal machines.
Jeremiah Grossman is an industry veteran and expert in website security, as well as a founding member of the Web Application Security Consortium (WASC). His commentary has been featured in publications, such as USA Today, InformationWeek, PC World and NBC. Mr. Grossman is a frequent speaker at industry events including RSA, CSI NetSec, Black Hat Briefings, ISACA's Network Security Conference, NASA and the Air Force and Technology Conference. Prior to founding WhiteHat Security, Mr. Grossman was an information security officer at Yahoo!.
You do not need to be an OWASP member to attend this presentation. To learn more about the NY/NJ OWASP chapter please visit https://www.owasp.org/index.php/New_Jersey.
About WhiteHat Security, Inc.
Headquartered in Santa Clara, California, WhiteHat Security is a leading provider of website vulnerability management services. WhiteHat delivers turnkey solutions that enable companies to secure valuable customer data, comply with industry standards and maintain brand integrity. WhiteHat Sentinel, the company's flagship service, is the only solution that incorporates expert analysis and industry-leading technology to provide unparalleled coverage to protect critical data from attacks. For more information about WhiteHat Security, please visit our website, http://www.whitehatsec.com/.