Web Cache Poisoning – Timur Guvenkaya – PSW #699 | SC Media
Application isolation

Web Cache Poisoning – Timur Guvenkaya – PSW #699

June 21, 2021

Sponsored By

sponsor Visit https://securityweekly.com/netsparker for more information!

This presentation will cover how incorrect implementation of caching mechanism within web application might lead to the Web Cache Poisoning vulnerability that can potentially affect all the users using the web application.

Segment Resources:
www.netsparker.com

This segment is sponsored by Netsparker.

Visit https://securityweekly.com/netsparker to learn more about them! Visit https://www.securityweekly.com/psw for all the latest episodes!

Full Episode Show Notes

Web Cache Poisoning - Timur Guvenkaya

Guests

Timur Guvenkaya

Timur Guvenkaya - Security Engineer at Invicti Security

@ntguv

Security Engineer with a 3+ year history of managing the security of web applications, APIs, conducting security code reviews on various programming languages, and conducting security research. Currently working as a Security Engineer at Invicti Security, the world’s leading provider of dynamic web application security solutions that secures organizations from small businesses to Fortune 50 companies. Excited to learn new technologies such as Blockchain & AI to find ways to combine them with cybersecurity.

Hosts

Adrian Sanabria

Adrian Sanabria - Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn't shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Doug White

Doug White - Professor at Roger Williams University

@dougwhitephd

Doug White is a Cybersecurity professor at Roger Williams University, the President of Secure Technology, and a Security Weekly network host.

Jeff Man

Jeff Man - #HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems

@MrJeffMan

Cryptanalyst, infosec analyst, pioneering ex-NSA pen tester, PCI specialist and certified security curmudgeon. Currently a Sr. InfoSec Consultant for Online Business Systems.

Paul Asadoorian

Paul Asadoorian - Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Announcements

  • Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% off on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!

prestitial ad