April
28
Meeting Details:
January 24, 2008 Sentrigo's Todd DeSantis will be presenting a new angle on this popular attack vector. He will describe types and techniques of SQL Injection attacks on web applications as well as Oracle built-in database stored procedures. He will demonstrate just how simple it is for an attacker to own the database server via privilege escalation by way of SQL Injection. Defenses against these attack vectors will also be discussed. Todd comes to us with a background in Computer Science from Worchester Polytechnic Institute and a career assisting various Fortune 50 companies with their data access paradigms and Java code quality. He is currently Lead North American Sales Engineer for Sentrigo with a focus on bringing a higher level of database safety and security to the enterprise. In his spare time, Todd is an avid audiophile, attempting to create the 'Absolute Sound' with hi-fi audio systems. For information on usual meeting locations and times as well as previous
meeting minutes and presentations please refer to the
meetings page.
|
