Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Security B-Sides London 2015

3rd of June 2015
ILEC Conference Centre 47 Lillie Road, London, SW6 1UD
View analytic
Wednesday, June 3 • 11:00am - 11:45am
Why bother assessing popular software?

Sign up or log in to save this to your schedule and see who's attending!

Many popular software packages have gone through many iterations of white and black box testing raising the bar for attackers. Overtime the security controls become more effective, however these software packages have large evolving attack surfaces.

In this talk we discuss a case study which includes how we approached assessing Adobe Reader, how we made progress and why it is worth investing the time and effort on targets such as this. We discuss fuzzing, the sandbox and delve into the Javascript API. A refreshing look into how we can make a difference by looking at complex targets.

Speakers
JL

James Loureiro

James Loureiro is a security consultant at MWR InfoSecurity. James conducts research into a number of different technologies for clients and independently and has experience in vulnerability research, reverse engineering and embedded systems. James also conducts computer security research and assesses Industrial Control Systems (ICS). | | James has worked in computer security since 2011
DM

David Middlehurst

David Middlehurst is a Principal Security Consultant at MWR InfoSecurity where he conducts security assurance projects for clients spanning a range of sectors. He has worked in computer security since 2009 and has experience across a variety of technologies. His specialisms include application security, development of security testing tools and carrying out simulated attacks. | | He also enjoys carrying out computer security research. Last... Read More →


Wednesday June 3, 2015 11:00am - 11:45am
a. Track 1