Difference between revisions of "OWASP AppSec DC 2012/Pentesting Smart Grid Web Apps"

From OWASP
Jump to: navigation, search
(Created page with "<noinclude>{{:OWASP AppSec DC 2012 Header}}</noinclude> __NOTOC__ == The Presentation == rightWeb applications have not only conquered most us...")
 
 
(One intermediate revision by one user not shown)
Line 2: Line 2:
 
__NOTOC__
 
__NOTOC__
 
== The Presentation  ==
 
== The Presentation  ==
[[Image:Owasp_logo_normal.jpg|right]]Web applications have not only conquered most user interfaces in traditional IT markets, they are also quickly replacing most user interfaces in critical control systems such as SCADA, Smart Meters, Distribution Management, and other Smart Grid master servers.  And if the servers weren't enough, now they are starting to appear in the embedded devices deployed in the field.  This talk will discuss all the places where web applications and web services are being used in today's modern electrical grid.  We will also discuss the challenges that penetration testers new to critical control systems will face and how they can successfully overcome those challenges.
+
Web applications have not only conquered most user interfaces in traditional IT markets, they are also quickly replacing most user interfaces in critical control systems such as SCADA, Smart Meters, Distribution Management, and other Smart Grid master servers.  And if the servers weren't enough, now they are starting to appear in the embedded devices deployed in the field.  This talk will discuss all the places where web applications and web services are being used in today's modern electrical grid.  We will also discuss the challenges that penetration testers new to critical control systems will face and how they can successfully overcome those challenges.
 
== The Speakers  ==
 
== The Speakers  ==
Justin Searle
+
<table>
 +
<tr>
 +
<td>
 +
===Justin Searle===
 +
[[Image:AppSecDC12-Searle.jpg|left]]Justin Searle is a Managing Partner of UtiliSec, specializing in Smart Grid security architecture design and penetration testing.  Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and currently plays key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).  Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences, and is currently an instructor for the SANS Institute.  In addition to electric power industry conferences, Justin frequently presents at top security conferences such as Black Hat, DEFCON, OWASP, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudanum.  Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).
 +
</td>
 +
</tr>
 +
</table>
 
<noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>
 
<noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>

Latest revision as of 14:34, 25 March 2012

AppSecDC-468x60-banner-2012.jpg

Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

Web applications have not only conquered most user interfaces in traditional IT markets, they are also quickly replacing most user interfaces in critical control systems such as SCADA, Smart Meters, Distribution Management, and other Smart Grid master servers. And if the servers weren't enough, now they are starting to appear in the embedded devices deployed in the field. This talk will discuss all the places where web applications and web services are being used in today's modern electrical grid. We will also discuss the challenges that penetration testers new to critical control systems will face and how they can successfully overcome those challenges.

The Speakers

Justin Searle

AppSecDC12-Searle.jpg
Justin Searle is a Managing Partner of UtiliSec, specializing in Smart Grid security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and currently plays key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences, and is currently an instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top security conferences such as Black Hat, DEFCON, OWASP, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework, Middler, Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors

SPL-LOGO-MED.png

Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png

Exhibitors

link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg