POSITIVE HACK DAYS



ORGANIZER

Program

Non-Invasive Elimination of Logical Access Control Vulnerabilities in Web Applications

Want to visit   +109

Author: Denis Kolegov

Co-author: Nikolai Tkachenko

The report describes non-invasive methods for elimination of vulnerabilities in logical access control and data stream management systems of web applications. You will learn basic approaches that help implement new access control policy and eliminate some of the most common authorization vulnerabilities without modifying the web application's source code.

  • Language
  • Russian

Denis Kolegov is Candidate of Engineering Sciences, Docent of Information Security and Cryptography Chair at Tomsk State University, a senior security engineer at F5 Networks. He has been a speaker at such IS conferences as PHDays III Young School, PHDays IV, ZeroNights 2014, and Sibecrypt.

Denis Kolegov Denis Kolegov, Nikolai Tkachenko

Back to the list