See more news releases in High Tech Security | Computer Electronics | Trade Show

Lunarline Presents Live Demo Of Application Hacking At AppSec Conference In Austin, TX

Download image

Lunarline logo. (PRNewsFoto/Lunarline, Inc.)

ARLINGTON, Va., Oct. 24, 2012 /PRNewswire/ -- Lunarline will be giving a presentation on application hacking at the OWASP AppSec USA 2012 Conference, being held at the Hyatt Regency Hotel in Austin, Texas on October 24^th and 25^th. The presentation, titled "Reverse Engineering of 'Secure' HTTP APIs with an SSL Proxy," focuses on a common (but insecure) method of securing HTTP APIs with SSL and how a malicious user may exploit this. The presentation will include a live demonstration of a man-in-the-middle attack on a mobile device application.

(Logo: http://photos.prnewswire.com/prnh/20110622/PH24580LOGO )

The proliferation of mobile devices has led to increased emphasis on native applications, such as Objective-C applications written for iOS or Java applications written for Android. Nonetheless, these native client applications frequently use HTTP APIs to communicate with a backend server. In addition, browser-based applications are growing more complex, and are also more likely to make asynchronous calls to HTTP APIs.

Properly configured SSL will protect a protocol from eavesdropping (man-in-the-middle attack) but will not protect that protocol from the end user himself. Lunarline's presentation will demonstrate how an end user can use an SSL proxy to decrypt and reverse engineer the HTTP API.

Mark Haase , Lunarline Senior Software Developer, and Alejandro Caceres , Lunarline Computer Network Operations Engineer, will be presenting their talk at 10am CT on October 24^th in the Gemalto Room - Hill Country C. Haase developed Lunarline's SCAP Sync web application, a search engine and repository for Security Content Automation Protocol (SCAP) content. Caceres is leading research and development efforts on Lunarline's flagship cyber offensive capability and is a lead member of Lunarline's penetration testing team.

For a full schedule and to read more about our presentation, please see the AppSec 2012 website at http://www.appsecusa.org/.

Please visit www.lunarline.com after the conference to view a recording of the presentation, courtesy of AppSec.

About Lunarline
Lunarline is a leading cyber security and privacy provider to the US Federal Government, as well as private industry. Our unique approach to cyber security combines our proven products, specialized services, and certified training together as a complete solution customized for the success of your cyber mission. Lunarline is an accredited FedRAMP Third Party Assessment Organization (3PAO).

LUNARLINE: SOLUTIONS BUILT ON SECURITY™

For more information, visit http://www.lunarline.com/.

Contact
Carolyn Morse , Media Relations
carolyn.morse@lunarline.com
571-481-9312

SOURCE Lunarline

More by this Source

Warrior to Cyber Warrior Graduates Its First Cohort Of Cyber Security Students
Mar 25, 2013, 13:29 ET

Lunarline Named One of Top Businesses by DiversityBusiness
Mar 18, 2013, 09:45 ET

Lunarline CEO Waylon Krush Featured on Executive Leaders Radio Program
Mar 15, 2013, 10:18 ET

View All News by this Source

Journalists and Bloggers

Visit PR Newswire for Journalists for releases, photos, ProfNet experts, and customized feeds just for Media.

View and download archived video content distributed by MultiVu on The Digital Center.

Next in High Tech Security News

Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

PR Newswire Membership

Fill out a PR Newswire membership form or contact us at (888) 776-0942.

Learn about PR Newswire services

Request more information about PR Newswire products and services or call us at (888) 776-0942.