Join us at OWASP AppSec APAC 2014 !!
Back To Schedule
Wednesday, March 19 • 5:00pm - 5:50pm
次の大きな攻撃の波に準備しろ!:CMSシステムへのハッキング / Get Ready for the Next Big Wave of Attacks: Hacking of Leading CMS Systems

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!



The flow of this talk is given by – you! Before this talk, we emailed the audience to provide us with their favorite WordPress plugins that they would like to test for security. In a live demo, we assess the security of the requested plugins. Previous similar trials that we performed on WordPress showed that 30% of the top 50 most downloaded plugins were vulnerable to common Web attacks. What will be the results of this experiment?

As we’ll continue to show, assessing the security posture of a plugin is only the hacker’s first step in mass attacks. As opposed to past mass SQL Injection attacks which leveraged tools such as SQLMap, these next wave of attacks do not focus on the site’s platform or customized development code. Rather, these attacks leverage on the increasing popularity of CMS platforms such as WordPress and Joomla. The maturity, prevalence and market penetration of CMS platforms allow any marketing, sales or HR individual to easily set up their own fully-operational site. Accordingly, CMS apps are flourishing – and so are the vulnerabilities in these apps.

avatar for Sanjay Agnani

Sanjay Agnani

General Manager, New Business Development Dept., Intelligent Wave Inc
アグナニ サンジェ/Sanjay Agnani,General Manager, New Business Development Department,Intelligent Wave Inc., Japan (A DNP Group Company)Sanjay Agnani is General Manager of New Business Development for IntelligentWave Inc., Japan. Sanjay has more than nineteen years of experience... Read More →
avatar for Helen Bravo

Helen Bravo

Product Management Director, Checkmarx
Helen Bravo is the Product Manager at Checkmarx. Helen has more than fifteen years of experience in software development, IT security and source-code analysis. Prior to working at Checkmarx, Helen has worked in Comverse one of the biggest Israeli Hi-tech firms as a software engineer... Read More →

Wednesday March 19, 2014 5:00pm - 5:50pm PDT
Secure Your Site Hall(HALL WEST)

Attendees (0)