This event has ended. Visit the official site or create your own event on Sched.
Get your ticket and additional info and support at jcon.one
Tuesday, October 5 • 09:00 - 10:00
Application Penetration Testing – DOs and DON‘Ts

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
"Penetration Test" - an attack simulation. But how is pentesting defined? Are there "paid hackers"? How does efficient application testing works? How do I mitigate risks? The talk spotlights well known methods and "hack" within these methods, to speed up testing and be way more efficient. The following questions will be answered: - Should I test against Dev/Stage/Prod? - What's the best time for testing? - What's an efficient approach for testing roles and rights? - Why is OWASP Top 10 a great document, but not usable for Penetration Testing? - Why are CATCHAs a potential problem for testers? - Should I test with or without the Web Application Firewall? - What do you mean by "horizontal and vertical privilege escalation"? The talk covers test experience of 20 years and hundreds of web applications.

avatar for Tobias Glemser

Tobias Glemser

CEO of secuvera, BSI certified penetration tester, secuvera GmbH
Tobias Glemser, Geschäftsführer der secuvera, ist BSI-zertifizierter Penetrationstester und Technischer Leiter für Penetrationstests. Herr Glemser ist Autor mehrerer Fachartikel u.a. in den Zeitschriften c’t und iX und Referent bei Seminaren und Kongressen (z. B. OWASP AppSec... Read More →

Tuesday October 5, 2021 09:00 - 10:00 CEST
#2 Main EN/DE