No Followers? No Botnet? No Problem! Asymmetric Denial of Service Attacks - HT-107

Bryan Sullivan, Senior Program Manager, Microsoft Corporation

Facing increasingly tougher privilege escalation defences, cybercriminals and “hacktivists” are moving to highly efficient and effective asymmetric denial of service tactics – in some cases, taking out entire server farms with a single HTTP request. This session will explore the code and design flaws behind some of the newest and deadliest of these application-level DoS vulnerabilities.

Bryan Sullivan is a Senior Security Program Manager at Microsoft, where he focuses on cloud security issues. Prior to Microsoft, he was a Senior Security Researcher with Adobe Systems, and a development manager at HP, where he helped to design HP's vulnerability scanning tools WebInspect and DevInspect. Bryan has spoken at security industry conferences such as RSA Conference, Black Hat, BlueHat and TechEd on topics such as "big data" security, RIA architecture, REST, cryptography, denial-of-service defense, URL rewriting, and applying secure development processes to Agile projects. He was the author of the MSDN Magazine column Security Briefs, and is also the coauthor of the books Ajax Security and Web Application Security: A Beginners Guide.

Speaker

Headshot

Bryan Sullivan Senior Program Manager, Microsoft

← View more Podcasts

This document was retrieved from http://www.rsaconference.com/podcasts/60/no-followers-no-botnet-no-problem-asymmetric-denial on Mon, 24 Nov 2014 12:43:36 -0500.
© 2014 EMC Corporation. All rights reserved.