This DevClub will be focus on security because it is and always will be an important topic!
Venue and time for this event: 18.10.2012 18:30 at Hotel Kolonna "Konventa sēta" (conference room – Kampenhauzens), Kalēju street 9/11.
-
Didzis Balodis from DPA Latvia will talk about "Web application security – hacking weak authentication implementations"
(Language – Latvian)
After the latest security breaches when millions of user accounts have been compromised at such companies such as LinkedID, Yahoo and Gamigo we will present the current trends in password attacks, how the different attack vectors work and what kind of weaknesses they exploit. Then we will move on to different strategies of secure authentication implementation and will demonstrate some practical proof of concepts.
Tags: Password attacks, Secure authenticationDidzis Balodis is currently leading IT Security unit in DPA Latvia. He has more than 10 years of IT experience in development, support and administration of IT systems in the public and commercial sector companies. Last five years Didzis has more focused on IT consulting and security audit, serving clients in Latvia and abroad. Most of the time is spent in leading security audit, vulnerability and penetration testing assignments, among his recent clients there are companies from financial, utilities and public sector. Didzis has also developed and is delivering to its clients a User IT security awareness program which often is accomplished with some social engineering attacks. Didzis also holds CISSP and GPEN certifications.
-
Andrey Podshibyakin from C.T.Co will talk about "Mobile security"
(Language – English)
Will talk about 3-4 items from our companies mobile app security checklist. Will describe the problems, provide solution and show code examples or demos. Tags: Mobile app security, iOs examplesAndrey Podshibyakin is working in IT for 6+ years. Geek level 85. Love mobile devices and cutting edge tech. Working in CTCo as development manager in mobile development team.
-
Mehis Hakkaja from Clarified Security OÜ will talk about "Red pill vs. blue pill – penetration testing perspective"
(Language – English)
Edutainment mode presentation of typical web application blunders with live hacking demos and real-life examples my penetration testing team encounters all too often. I wrap it up with some visually entertaining fun with recent Java and IE exploits.
Tags: Penetration testing, Live hacking demos, Real-life examplesMehis Hakkaja is a security practitioner who has viewed IT security from many different viewpoints. Mehis is a U.S. Military Academy, West Point, graduate with a B.Sc. degree in computer science with special interest in cyber warfare. Besides his military background, Mehis has worked as a penetration tester and pentest team leader, security manager for a telecommunications company, has promoted CERTs (Computer Emergency Response Teams) at ENISA (European Networks and Information Security Agency) and has managed information security for a global company. Currently Mehis is the CEO and founder of Clarified Security OÜ which is specialized in technical security audits and penetration testing and also teaches hands-on security courses.
We would also like to thank our sponsors: Devtraining, DPA, 4FINANCE Group and C.T.Co.
