Things Your Browser Never Told You
Thursday, June 18, 2015
11:00 HRS PT/14:00 HRS ET
60 minutes, including Q&A
Brought to you by:
Things Your Browser Never Told You - by Angelo Prado & Xiaoran Wang
Challenges and Solutions - by Amit Ashbel
In this webcast, we will showcase the latest trends on browser specific weaknesses and side channels, including creative mechanisms to deceive user’s perception of confidentiality, bypass traditional cross site scripting filters, hijack clipboard contents, successfully perform login and history detection and deliver malicious ghost binaries without a supporting command and control server.
There will be practical demonstrations highlighting new HTML5 features that can be leveraged to carry out stealthy attacks. During the course of these live demos, we will revisit and push the limits of what today’s threats can accomplish with modern web clients.
Angelo Prado is a Senior Product Security Manager at Salesforce.com and an independent security researcher. He has worked as a software and application security engineer for Salesforce, Microsoft, and Motorola. Mr. Prado has a proven record of leading engineering teams of highly trained product security engineers by providing effective application security and building a robust and respected security practice.
Xiaoran Wang is a Senior Product Security Engineer at Salesforce. He has presented at several conferences such as Black Hat USA, Black Hat Asia, ToorCon, HackerHalted, etc. He is passionate about security, especially web application security. At work, he does architectural feature review for security, web penetration testing, security training, security automation, etc.
Amit joined Checkmarx From Trusteer (acquired by IBM). He has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities over the years, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and familiarity with emerging threats and the hi-tech security industry.