Location: Health Sciences Building, 155 College St., Auditorium Technical Level: Highly Technical Speaker: Nish Bhalla and Rohit Sethi, Security Compass Web application security continues to be one of the most pressing issuesfacing enterprises today. While many security experts understand theneed for application threat modeling, few have actually implemented themsuccessfully in practice. In their talk to TASK, Nish Bhalla and RohitSethi of Security Compass will demonstrate a variety of web applicationsattacks and present a threat model that can be used to mitigate againstthose attacks. The presenters bring practical lessons learned fromperforming penetration testing, source code review, and threat modelingat a variety of clients. Attacks and defenses presented include: SQL Injection XS...