Presenting at OWASP AppSec Conference
Antti Rantasaari and I will be delivering our presentation “Escalating Privileges through Database Trusts” at the National OWASP AppSec conference in Irvine, CA on September 10th. We are very excited to have the opportunity to share some the of the common application and database implementation weaknesses we see in the real world. During the presentation we’ll show how those weaknesses can be combined to gain unauthorized access to high value data. The presentation will cover: – Three core issues that contribute to weak application and database configurations – Three common attack and escalation scenarios used during penetration tests – Five fixes to help stop the bleeding – Time for questions and answers For those who are interested come see us at AppSec. You can register online at the AppSec website. See you there!
Explore More Blog Posts
Bypassing Microsoft Entra Conditional Access Policies via Nested App Authentication
Discover how attackers bypassed Microsoft Entra Conditional Access Policies using Nested App Authentication (NAA) flows in this technical vulnerability breakdown.
I’m Just Asking Questions: Social Engineering as a Reporter
Dive into this real-world social engineering assessment where a fake anonymous tip and an adversary-in-the-middle framework tested the limits of an organization's security policies.
Beyond the Hype: What Regulated Industries Need to Know Before Trusting AI Security Tooling
AI security tools can build an attack, but enterprise security teams in regulated industries need consistency, auditability, and predictable costs before they can trust one. Learn why the surrounding infrastructure is where most AI security vendors are still falling short.