Web Security: Common security threats and hacking. Nahidul Kibria, Co-Leader, OWASP Bangladesh; Senior Software Engineer, KAZ Software Ltd. Twitter: @nahidupa. Writing code for fun and food, and a security enthusiast. Shahee Mirza # Certified Ethical Hacker (C|EH).
# Microsoft® Certified Systems Administrator.
# Information Security Consultant, Nexus IT Zone.
The vast majority of web applications have serious security vulnerabilities!
Most developers are not aware of the issues.
Parameter tampering / sniffing
DIRECT OBJECT REFERENCE
The attack surface is growing!
Study: Global cybercrime costs more than illegal drugs
Global drug trade—about $288 billion
I don’t have any sensitive data.
I don’t even serve any important data.
I have no enemy
Turn your PC into a zombie
This is a problem
Security
Attackers do not use black art to exploit your application
OWASP Bangladesh Chapter
Bangladeshi community of security professionals
Open for all
Free for all
What do we have to offer?
Presentations & Groups
Open Forums for Discussion
Vendor Neutral Environments
Existing Enterprise Security Services/Libraries
Application Security Verification Standard Project
Define the process
Code review tool
“The developer will provide me with a secure solution without me asking”
Get OWASP Books
#1 Information Security Crime Investigator/Forensics Expert
#2 System, Network, and/or Web Penetration Tester
#3 Forensic Analyst
#4 Incident Responder
#5 Security Architect
#6 Malware Analyst
#7 Network Security Engineer
#8 Security Analyst
#9 Computer Crime Investigator
#10 CISO/ISO or Director of Security
#11 Application Penetration Tester
#12 Security Operations Center Analyst
#13 Prosecutor Specializing in Information Security Crime
#14 Technical Director and Deputy CISO
#15 Intrusion Analyst
#16 Vulnerability Researcher/Exploit Developer
#17 Security Auditor
#18 Security-savvy Software Developer
#19 Security Maven in an Application Developer Organization
#20 Disaster Recovery/Business Continuity Analyst/Manager
Subscribe to the mailing list
Keep up to date!