Dan Kaminsky to Present at Source Boston

IOActive's Director of Penetration Testing to discuss strategies for securing the Web

Seattle, Wash—April 19, 2010. IOActive, a leading provider of software assurance, compliance, and smart grid security services, today announced that its Director of Penetration Testing, Dan Kaminsky, was selected to present The Fine Art of Hari Kari (.JS) and Other Approaches for the Strange Reality of Web Defense at SOURCE Boston. Launched in 2008, the purpose of the SOURCE Conference is to bridge the gap between technical excellence and business acumen within the security industry.

Securing the web is a difficult task that often leads to friction between web developers, browser manufacturers, and security professionals. During this presentation, Kaminsky will discuss techniques for mitigating entire classes of cross-site scripting and cross-site request forgery attack. He also will discuss Treelocking, a generic mechanism for mitigating injections into protocols as diverse as SQL, LDAP, XML, and JSON.

WHAT  The Fine Art of Hari Kari (.JS) and Other Approaches for the Strange Reality of Web Defense

WHERE  Seaport Hotel. One Seaport Lane, Boston, MA 02210

WHEN  April 23, 2010. 12:30–1:20 pm

HOW  For more information about SOURCE Boston, visit their website.

About Dan Kaminsky
Dan Kaminsky is the Director of Penetration Testing at IOActive, where he specializes in design-level fault analysis, particularly against massive-scale network applications. Previously of Cisco and Avaya, Kaminsky has operated professionally in the security space for over 10 years. He is well known for his Black Ops series of talks at the well-respected Black Hat Briefings. Kaminsky regularly collects detailed data on the health of the Internet, and used this data to detect the worldwide proliferation of a major rootkit. In 2008, he discovered a major flaw in the Internet's DNS infrastructure and worked with security engineers around the world, protecting countless organizations and individuals against this threat.

About IOActive
Established in 1998, IOActive is an industry leader that offers comprehensive computer security services with specializations in smart grid technologies, software assurance, and compliance. Boasting a well-rounded and diverse clientele, IOActive works with a majority of Global 500 companies including power and utility, hardware, retail, financial, media, aerospace, high-tech, and software development organizations. As a home for highly skilled and experienced professionals, IOActive attracts the likes of Dan Kaminsky, Ilja van Sprundel, Mike Davis, and Wes Brown—talented consultants who contribute to the growing body of security knowledge by speaking at such elite conferences as Black Hat, Ruxcon, Defcon, Shakacon, BlueHat, CanSec, and WhatTheHack. For more information, visit www.ioactive.com.

-###-