Rob Beck from Neohapsis presented a SkyTalk titled: “SQL-Gestalt: A MS-SQL Rootkit Framework”.
Kate Pearce and Patrick Thomas from Neohapsis presented a talk titled “Multipath TCP: Breaking Today's Networks with Tomorrow's Protocols”.
There has been a surge of proposed standards and governing documents to improve web security. Client side flaws are being addressed by standards such as content-security-policy and IFRAME sandboxing. Data in transit is being more tightly secured using HTTP Strict Transport Security. There is a plethora of technologies available like X-frame-options, ORIGIN header, encrypted media extensions, and X-XSS-Protection. We look at the intricacies of the proposed and accepted standards as well as how they are implemented. Security considerations will be addressed for these technologies from a design perspective and with a discussion on any weaknesses observed.
217 North Jefferson Street
Chicago, IL 60661
FAX: +1 (773) 394-8314
5605 North MacArthur Blvd
Irving, TX 75038
FAX: +1 (972) 715-2099
Additional Offices and/or
Consulting Concentrations in Boston,
New York City, Washington, D.C.,
Denver, Houston, and Seattle