Web security / penetration testing: introduction

<!--HTML--><p>COMPUTER SECURITY SERIES - @CERN</p> <p>In order to protect computers and networks from malicious attacks, we need to find and fix any vulnerabilities before they are identified and exploited by the bad guys (Black Hats). One of the ways to achieve it is to do penetration (security) testing. To do this efficiently, the good guys (White Hats) have to think and act as the bad guys - but with the ultimate goal of securing the target rather than abusing it.</p> <p>In this and the following seminar, you will learn to think and act like a White Hat penetration tester. We will focus on web applications, as these are the most common targets in any organisation.</p> <p>The introduction to web security penetration testing will cover ethics and rules, remind how HTTP protocol works, demonstrate briefly some web applications server-side vulnerabilities, and demonstrate how client-side tools can help in penetrating testing.</p> <p><strong>Hands-on exercises</strong></p> <p>In order to access the hands-on exercises, please subscribe to <a href="https://e-groups.cern.ch/e-groups/EgroupsSubscription.do?egroupName=whitehat-exercise-access">whitehat-exercise-access</a> egroup (available for CERN accounts owners only).</p> <p><strong>About the speaker</strong></p> <p><span>Sebastian Lopienski serves as CERN's deputy Computer Security Officer. He is also the director of the CERN School of Computing.</span></p> Computing Seminar: Web security series: https://cern.zoom.us/j/95038883222?pwd=NFEyU2Q0UGhYdU9kRDdFRHZ2N3ZnZz09