Thursday, May 06, 2010

Free Hands on Workshop on Web Application Security in New York City

Ever wondered how a hacker hacks all these credit cards? Do you think hacking a website is difficult? What are the skills required to hack a website?

ISSA NY Metro chapter is organizing a 3 hour workshop on web application security. This session will show you how easy it is to steal credit card numbers, SSN, etc by doing a SQL injection attack or how you can steal passwords, hijack a session using Cross Site Scripting (XSS). This session will not only make you think like a hacker but also make you find and exploit vulnerabilities in a live web application that closely resembles those containing your personal information, credit card numbers and even medical history.Attendance is free for ISSA members and $35 for non members. This is a hands on session so please bring a laptop to this event to fully benefit from the material that will be presented. If you do not have a laptop, you should still attend and share with another member, or follow along on the big screen. PLease do not send RSVP, instead register at the link below.

Only 30 seats left

Event Type : Workshop / Hands on Training
Date & Time : May 27, 2010 2pm - 5pm
Price : Free for members, 35 for non-members

Location :

300 Madison Ave (Corner 42 Street)
New York, NY 10017

Registration Link -
Event Link -

Wednesday, May 05, 2010

MyAppSecurity - Secure Your Applications

As some of you know that I joined WhiteHat Security as a Director of Education Services since Dec 2007 to build their training division from scratch. Though it has been a very demanding job but it has been very satisfying too. I enjoyed working with various companies, training their developers and QA professionals and resolving their web application security issues. Through training, I not only trained people at various companies but also got a chance to interact with different development and security professionals and understand the challenges they were facing and guided them in building a solution that works.

Though WhiteHat is more about finding problems (vulnerabilities) and they do a wonderful job of it, I consider myself more of a solutions guy, meaning how to fix those vulnerabilities and that is where my past experience as a developer and architect, helps me a lot. Not to mention my experience as a Technology Risk Officer at Citigroup, where I contributed in building a Technology Risk Management program to protect their web applications. So, being a solutions guy, training was a perfect fit for me at WhiteHat but now I want to do more than just training, I want to utilize my skills to help companies in addressing their web application security challenges through my own company "MyAppSecurity".

I also want to thank WhiteHat for giving me the opportunity to work with some of the brightest brains in the industry. Its been a wonderful experience and I got to learn so many things not just about the security field but also about on the operation side of a small business. I will definitely be using this experience in establishing my own company. I want to wish WhiteHat Security luck in achieving their goals. I am definitely keeping my stock options :)

If any of you guys are looking for solutions to resolve your web application security challenges, feel free to shoot me an email at anurag (at) myappsecurity (dot) com or call me at 919-244-0803.