Vulnerabilities, Risks, and Mitigations - How Are Websites Hacked?

Presented on: Friday, October 16th at 7:00 PM EDT




Another day, another headline describing stolen data or ransomware payments. Thirty years into the World Wide Web, we do not seem to have figured out how to use it without putting personal data and assets at risk. This lecture will review how a web application works and where we find inherent security weaknesses. Using that background, we will take on the hacker’s mindset and attack several web applications. Our attacks will steal data and mislead users to take unintended actions. We will wrap up by considering a few basic concepts that web programmers should apply to mitigate the vulnerabilities we have seen.

Dave's background includes 25 years of enterprise system design and development. He began teaching at Skidmore in 2014 and teaches courses on programming, software engineering, databases, web development, and data security. His background and areas of research interest focus on data integration, semantics, and security. Dave has published a variety of articles on large-scale business system design and presents regularly at data and architecture conferences. He earned his master's degree in Engineering and Business at Union Graduate College and his bachelor's degree in Computer Information Systems at The College of Saint Rose. His initial collegiate endeavors began at Westminster Choir College where he studied voice, keyboard, and music education.