- Montreal 2012
You've been hacked, and you're both the web developer and the sysadmin. It was probably through that sketchy plugin you just added to your third-party PHP application. You removed it, but they're back. Now what? In this presentation we will walk through the steps of dealing with security incidents, from identifying that the compromise occurred, how it happened, and what they did after they got in. We'll go through several very real post-compromise scenarios that we hope are never useful
View all 161 sessions
David is a founder of Subgraph, an open source security startup based in Montreal. Subgraph develops Vega, a free and open source web security testing platform. Previously David was one of the founders of SecurityFocus, where he moderated Bugtraq, a forum for security research with over 50,000 members at its peak. David has spoken at OSCON, FISL, Con Foo, Black Hat, CanSec West, and AusCERT, as well as made contributions to books, magazines, and other publications.