Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
AppSecUSA 2015 - Buy ticket at http://2015.appsecusa.org/buy/
 
View analytic
Friday, September 25 • 11:30am - 12:25pm
Security Testing for Enterprise Messaging Applications

Sign up or log in to save this to your schedule and see who's attending!

Lab material available for download here: 
https://drive.google.com/folderview?id=0BxSfMVkfLvslTVlzSXNYalVLX3c&usp=sharing
Please download before arriving at the conference!

The training will cover security testing concepts for enterprise messaging applications. An example JMS based application hosted on ActiveMQ messaging broker will be used to for the hands on training. Open source JMSDigger will also be used leveraged.
The training will cover the following concepts:
1. Enterprise messaging basics
2. Attacks on Queues and Topics
3. Testing authentication, authorization with JMS API
4. Discuss additional attack scenarios

Speakers
avatar for Gursev Singh Kalra

Gursev Singh Kalra

Sr Product Security Engineer, salesforce.com
Gursev Singh Kalra is a Sr. Product Security Engineer at Salesforce.com. Earlier he was working with McAfee as a Senior Principal Consultant and led multiple software security service lines. He loves to write security tools and has authored free tools, like JMSDigger, TesserCap, Oyedata, SSLSmart and clipcaptcha. He has performed security research on CAPTCHAs schemes and implementations, JMS based enterprise messaging applications, OData... Read More →


Friday September 25, 2015 11:30am - 12:25pm
Room E