PR Newswire: news distribution, targeting and monitoring
2014
See more news releases in High Tech Security  | Computer Electronics  | Trade Show

Lunarline Presents Live Demo Of Application Hacking At AppSec Conference In Austin, TX

Share with Twitter Share with LinkedIn

ARLINGTON, Va., Oct. 24, 2012 /PRNewswire/ -- Lunarline will be giving a presentation on application hacking at the OWASP AppSec USA 2012 Conference, being held at the Hyatt Regency Hotel in Austin, Texas on October 24th and 25th. The presentation, titled "Reverse Engineering of 'Secure' HTTP APIs with an SSL Proxy," focuses on a common (but insecure) method of securing HTTP APIs with SSL and how a malicious user may exploit this. The presentation will include a live demonstration of a man-in-the-middle attack on a mobile device application. 

(Logo: http://photos.prnewswire.com/prnh/20110622/PH24580LOGO )

The proliferation of mobile devices has led to increased emphasis on native applications, such as Objective-C applications written for iOS or Java applications written for Android. Nonetheless, these native client applications frequently use HTTP APIs to communicate with a backend server. In addition, browser-based applications are growing more complex, and are also more likely to make asynchronous calls to HTTP APIs.

Properly configured SSL will protect a protocol from eavesdropping (man-in-the-middle attack) but will not protect that protocol from the end user himself. Lunarline's presentation will demonstrate how an end user can use an SSL proxy to decrypt and reverse engineer the HTTP API.

Mark Haase, Lunarline Senior Software Developer, and Alejandro Caceres, Lunarline Computer Network Operations Engineer, will be presenting their talk at 10am CT on October 24th in the Gemalto Room - Hill Country C. Haase developed Lunarline's SCAP Sync web application, a search engine and repository for Security Content Automation Protocol (SCAP) content. Caceres is leading research and development efforts on Lunarline's flagship cyber offensive capability and is a lead member of Lunarline's penetration testing team.

For a full schedule and to read more about our presentation, please see the AppSec 2012 website at http://www.appsecusa.org/

Please visit www.lunarline.com after the conference to view a recording of the presentation, courtesy of AppSec. 

About Lunarline
Lunarline is a leading cyber security and privacy provider to the US Federal Government, as well as private industry. Our unique approach to cyber security combines our proven products, specialized services, and certified training together as a complete solution customized for the success of your cyber mission. Lunarline is an accredited FedRAMP Third Party Assessment Organization (3PAO).

LUNARLINE: SOLUTIONS BUILT ON SECURITY™

For more information, visit http://www.lunarline.com/.

Contact
Carolyn Morse, Media Relations
carolyn.morse@lunarline.com

571-481-9312

SOURCE Lunarline



RELATED LINKS
http://www.lunarline.com

Featured Video

Journalists and Bloggers

Visit PR Newswire for Journalists for releases, photos, ProfNet experts, and customized feeds just for Media.

View and download archived video content distributed by MultiVu on The Digital Center.

Share with Twitter Share with LinkedIn
 

Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

 

 
 

PR Newswire Membership

Fill out a PR Newswire membership form or contact us at (888) 776-0942.

 
 

Learn about PR Newswire services

Request more information about PR Newswire products and services or call us at (888) 776-0942.

 

Online Member Center

Not a Member?
Click Here to Join
Login
Search News Releases
Advanced Search
Search
  1. PR Newswire Services
  2. Knowledge Center
  3. Browse News Releases
  4. Contact PR Newswire
  5. Send a News Release