Mandiant is excited to sponsor this year's AppSec DC conference, April 2-5, 2012. If you are attending the conference, make sure to stop by and see us in the exhibitor hall.
In addition to sponsoring, both Ryan Kazanciyan, principal consultant at Mandiant, and Chuck Willis, technical director at Mandiant, will be presenting at the conference.
Ryan's talk, Old Webshells New Tricks: How Persistent Threats have revived an old idea and how you can detect them, will discuss how web-based backdoors continue to be leveraged by sophisticated, targeted attackers and the challenges that they pose to forensic analysts conducting large-scale investigations. In particular, Ryan will focus on the usage of webshells as a post-exploitation mechanism for maintaining persistence in an environment - a backup method of remote access - rather than a tool utilized in the initial entry vector. He will focus on the forensic artifacts that usage of such malware leaves behind on the host and on the network, and discuss techniques for rapidly identifying unknown web-based malware across servers. You can catch Ryan's presentation on Wednesday, April 4 at 4:30pm ET.
Chuck's presentation, OWASP Broken Web Applications (OWASP BWA) 1.0 Release, will provide an overview of the OWASP Broken Web Applications (OWASP BWA) project, the features in the 1.0 release, and the vision for the project's future. AppSec DC attendees can watch Chuck's talk on Wednesday, April 4 at 3:30pm ET.
To find out more about AppSec DC, click here. We hope to see you at this week's conference!