It’s no secret that web application weaknesses such as SQL injection and cross-site scripting represent a thorn in the side of developers and security pros alike – especially since the remediation process can be complex and code issues can perpetuate across multiple applications. So it makes sense to proactively test your applications versus real attacks not only for security’s sake, but also for justifying remediation requests with undeniable proof of exploitability.

Using the classic Audrey Hepburn movie “How to Steal a Million” as inspiration, Secure Ideas consultant and SANS instructor Kevin Johnson will demonstrate the latest web application exploitation techniques and introduce you to tools that can make the pen testing process easier.

You'll learn how to... 

• execute various web application exploits during penetration tests
• pivot through a vulnerability to reveal risks to backend systems
• limit exploitation and prevent damage by actual attackers

Kevin will also discuss the various tools that he recommends and uses during his testing engagements. Don’t miss this opportunity to hone your web application pen testing skills!