Podcasts Technology Black Hat Briefings, Las Vegas 2006 [Video] Presentations from the security conference Chuck Willis : Web application Incident Response and forensics- A Whole new ball game.

Chuck Willis : Web application Incident Response and forensics- A Whole new ball game.

Published: June 4, 2006, 11:10 p.m.

b'Web applications are normally the most exposed and the most easily compromised part of an organization\'s network presence. This combination requires that organizations be prepared for web application compromises and have an efficient plan for dealing with them. Unfortunately, traditional techniques for forensics and incident response do not take into account the unique requirements of web applications. The multi-level architecture, business criticality, reliance on major database and middleware software components, and custom nature of web applications all create unique challenges for the security professional. Responding to a web application attack brings many unique issues, often with no clear right and wrong answers, but this talk will provide useful information to guide attendees down this bumpy path.\\n\\t\\n\\tChuck Willis is a Senior Consultant with Mandiant, a full spectrum information security company in Alexandria, Virginia, where he concentrates in incident response, computer forensics, tool development and application security. Prior to joining MANDIANT, Chuck performed security software engineering, penetration testing, and vulnerability assessments at a large government contractor and also conducted computer forensics and network intrusion investigations as a U.S. Army Counterintelligence Special Agent. Chuck holds a Master of Science in Computer Science from the University of Illinois at Urbana-Champaign and has previously spoken at the Black Hat Briefings USA, the IT Underground security conference in Europe, and DefCon. Chuck has contributed to several open source security software projects and is a member of the Open Web Application Security Project, a Certified Information Systems Security Professional, and a Certified Forensic Computer Examiner. Chuck\'s past presentations are available on his Web site.\\n\\t\\n\\tRohyt Belani is a Director at Mandiant and specializes in assisting organizations with securing their network infrastructure and applications. His expertise encompasses the areas of wireless security, application security and incident response. Rohyt is also an experienced and talented instructor of technical security education courses. Prior to joining MANDIANT, Rohyt was a Principal Consultant at Foundstone. Earlier in his career, he was a Research Group Member for the Networked Systems Survivability Group at the Computer Emergency Response Team (CERT). Rohyt is a frequent author of articles on SecurityFocus and is also a contributing author for "Hack Notes-Network Security" and "Extrusion Detection: Security Monitoring for Internal Intrusions". Rohyt is a regular speaker at various industry conferences and forums like OWASP, HTCIA, FBI-Cyber Security Summit, ASIS, HP World, New York State Cyber Security Conference, HackInTheBox-Malaysia, and CPM. Rohyt holds a Bachelor of Engineering in Computer Engineering from Bombay University and a Master of Science in Information Networking from Carnegie Mellon University and is a Certified Information Systems Security Professional (CISSP)."'