Security B-Sides London 2015

3rd of June 2015
ILEC Conference Centre 47 Lillie Road, London, SW6 1UD
Back To Schedule
Wednesday, June 3 • 11:00am - 11:45am
Why bother assessing popular software?

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Many popular software packages have gone through many iterations of white and black box testing raising the bar for attackers. Overtime the security controls become more effective, however these software packages have large evolving attack surfaces.

In this talk we discuss a case study which includes how we approached assessing Adobe Reader, how we made progress and why it is worth investing the time and effort on targets such as this. We discuss fuzzing, the sandbox and delve into the Javascript API. A refreshing look into how we can make a difference by looking at complex targets.


James Loureiro

James Loureiro is a security consultant at MWR InfoSecurity. James conducts research into a number of different technologies for clients and independently and has experience in vulnerability research, reverse engineering and embedded systems. James also conducts computer security... Read More →

David Middlehurst

David Middlehurst is a Principal Security Consultant at MWR InfoSecurity where he conducts security assurance projects for clients spanning a range of sectors. He has worked in computer security since 2009 and has experience across a variety of technologies. His specialisms include... Read More →

Wednesday June 3, 2015 11:00am - 11:45am
a. Track 1