[unisog] SANS Sec542 Web Pen Testing Course at Brown University

Wayne J. Hauber wjhauber at iastate.edu
Mon Sep 14 14:42:08 GMT 2009

At 04:55 PM 8/30/2009, you wrote:
>Content-class: urn:content-classes:message
>Content-Type: multipart/signed; micalg=SHA1;
>         boundary="----=_NextPart_000_0004_01CA299B.0295C580";
>         protocol="application/x-pkcs7-signature"
>Monday, October 5, 2009 through Saturday, October 10, 2009, Brown University
>will be hosting SANS Security 542 "Web App Penetration Testing and Ethical

A question about dates. You mention October in your e-mail to unisog. 
The web page says January 2010. Which is right?

Wayne Hauber

>About the class:
>Web applications are a major point of vulnerability in organizations today.
>Web app holes have resulted in the theft of millions of credit cards, major
>financial and reputational damage for hundreds of enterprises, and even the
>compromise of thousands of browsing machines that visited Web sites altered
>by attackers. To learn how to prevent such exploits, students in this
>intermediate to advanced level class, will:
>* Learn the art of exploiting Web applications so they can find flaws in
>their enterprise's Web apps before the bad guys do. Through detailed,
>hands-on exercises students are taught the four-step process for Web
>application penetration testing.
>* Inject SQL into back-end databases, learning how attackers exfiltrate
>sensitive data.
>* Utilize Cross-Site Scripting attacks to dominate a target infrastructure
>in our unique hands-on laboratory environment.
>* Explore various other Web app vulnerabilities in depth with tried-and-true
>techniques for finding them using a structured testing regimen.
>* In short, learn the tools and methods of the attacker, so that they can
>become powerful defenders.
>Recommended for:
>General security practitioners, as well as Web site designers, architects,
>and developers, who'll benefit from learning the practical art of Web
>application penetration testing.
>Bob Fletcher
>IT Security Engineer
>CIS Information Security Group
>Brown University
>unisog mailing list
>unisog at lists.dshield.org

Wayne Hauber (515) 294-9890
Information Technology Services
IT Security and Policies
297 Durham Center, ISU, Ames, Iowa 50011
wjhauber at iastate.edu  

More information about the unisog mailing list