Webcasts

April 12, 2011 - Fuzzing 101 Webinar:

Fuzz your infrastructure - the blackhats are doing it, shouldn't you?

Codenomicon

About Fuzzing 101 and Codenomicon

Codenomicon has been active in the field of Fuzzing since 1996. The company works with companies industries to improve the security of a wide range of communication products and services. Fuzzing 101 webcasts provide vendor neutral advice on Fuzzing, and demonstrates how Fuzzing tools can be used for various purposes.

It's what you don't know that makes you vulnerable

Abstract

Zero-day (a.k.a. unknown) vulnerabilities are the achilles heel for IT security; attacks exploiting zero-days have a free license to wreak havoc in a business environment. Current vulnerability discovery technologies typically focus on managing known vulnerabilities, and does not in itself constitute a complete vulnerability management strategy.

In this Fuzzing 101 webcast, our guest speaker is the VP and principal analyst Dr. Chenxi Wang from Forrester Research Inc. She will discuss the concept of "fuzzing your infrastructure". Fuzzing is a technique that is often used to discover zero-day vulnerabilities. The bad guys are using fuzzing constantly; shouldn't you know how to use it to your advantage?

In this webcast you will learn how to incorporate fuzzing in your vulnerability management strategy, where and when to do fuzzing, and the criteria via which to select an effective fuzzing tool.


Speakers

Chenxi Wang

Chenxi Wang, PhD

Vice President, Principal Analyst, Forrester Research Inc.

Chenxi serves Security & Risk professionals. She is a leading expert on content security, application security, and vulnerability management. Chenxi leads the effort at Forrester to build the application security and Web 2.0 security research portfolio. Chenxi's research builds on her in-depth technical insights and her years of research experience. Chenxi covers topics such as best practices for content and application security, emerging threats, and operational aspects of security deployment. Chenxi has also written about the China technology market and closely follows the technology adoption trends in that market.

Prior to Forrester, Chenxi was the chief scientist for KSR, a risk management service provider startup in Silicon Valley. Previously, Chenxi was an associate professor at Carnegie Mellon University (CMU). She was an instrumental faculty member behind the inception of CMU's Cylab. At CMU, Chenxi led a number of high-profile research projects, including multimillion dollar projects from the Department of Defense and National Science Foundation. Chenxi was a consultant to the Emerson, FTC, HP Labs, Lucent, and a number of venture capital companies.

Chenxi has been frequently quoted in the press, including such media outlets as Infoworld and The New York Times. An accomplished public speaker, Chenxi also has delivered keynote and highlighted speeches at many events, including Chevron's IT conference, Forrester Leadership Boards events, and other customer events. In her previous role as an academic, Chenxi delivered many research talks at top academic conferences and institutions such as Stanford University and the University of Cambridge.

Ari Takanen

Ari Takanen

Ari Takanen, founder and CTO of Codenomicon, has been active in the field of software security testing research since 1998. He has focused on information security issues in next-generation networks and security critical environments. In his work at Codenomicon and OUSPG (Oulu University Secure Programming Group), Mr. Takanen's primary goal has been ensuring that new technologies gain wide public acceptance by providing means of measuring and solidifying the quality of networked software. Mr. Takanen is one of the members of the original PROTOS research project, which studied information security and reliability errors in e.g. WAP, SNMP, LDAP, VoIP implementations. Mr. Takanen is a distinctive member of the global security testing community, a noted author and a regular speaker at various testing and security conferences, universities and international corporations. He is an author of two books on VoIP security and security testing.


Download / View Online

This webcast is unavailable at the moment. Please contact Forrester if you are interested to hear about their opinions on Fuzzing.


Fuzzing 101 Webcasts