Aaron Cure
Senior Security Consultant with Cypress Data Defense
Aaron is a senior security consultant at Cypress Data Defense, and an instructor and contributing author for the CDD Introduction to Internet Security in .NET course. After ten years in the U.S. Army as a Russian Linguist and a Satellite Repair Technician, he worked as a database administrator and programmer on the Iridium project, with subsequent positions as a telecommunications consultant, senior programmer, and security consultant. Other experience includes developing security tools, secure code review, vulnerability assessment, penetration testing, risk assessment, static source code analysis, and security research. Aaron holds the GIAC GSSP-.NET, GWAPT, GMOB, and CISSP certifications and is located in Arvada, CO.Presentations
Automating Application Security Testing: Be Offensive!
1:30 PM MDT
While developers and testers use Selenium and other suites to test web application functionality, security often falls to the wayside because it's either too time consuming or they just don't know HOW to test for these issues. In this talk we'll discuss some basic OWASP TOP 10/CWE 25 vulnerabilities and how to discover them.
We'll use Selenium in conjunction with tools, such as ZAP and Burp, to identify vulnerabilities in our applications.