LASCON 2015: Your Last Manual Assessment

View analytic

Your Last Manual Assessment

This is not a talk about integrating ZAP with Jenkins ;). Security has fallen behind the automation used by the rest of the software industry, and I’ll show you how we can catch up. There are plenty of automated tools used in our profession. For mission critical applications, none of them provide the coverage we need to sleep easy. Manual testing can also be extremely time consuming. This talk will show you how to turn any manual assessment into an automated script. I’ll demonstrate how to solve the more difficult aspects of security automation like XSS validation by utilizing browser hooks. Finally, I’ll cover how to build robust automated security tests that are ready to be plugged into a continuous delivery system.

Speakers

Greg Anderson

Senior Security Engineer, Pearson

Greg Anderson is a security professional with diverse experience ranging from vulnerability assessments to intrusion detection and root cause analysis. Though he primarily focuses on cloud security, Greg’s recent endeavors have been centered around incorporating vulnerability assessments into continuous delivery systems. | | Greg’s previous work focused on unconventional attack vectors and how to maximize their impact while avoiding... Read More →

Friday October 23, 2015 1:00pm - 2:00pm
Cypress Room Norris Conference Center, Austin

Attacks and Tooling Track

Host Organization LASCON

LASCON 2015

Greg Anderson

Attendees (25)

Recently Active Attendees

LASCON 2015

Sign up or log in to save this to your schedule and see who's attending!

Greg Anderson

Attendees (25)

Recently Active Attendees