PerformFuzz The Web Interface

“PerformFuzz” is unique technique that looks at the “Performance & Security” of rapidly growing software application’s web interface. This session describes a malicious technique known as “Fuzzing” , its impact on a web interface availability & performance like Denial of Economic Resources (DoER) & Crash(DoS).

By targeting the web interface, an attacker may not only try to make the application unavailable but may also try to hamper its performance. As most applications have a web interface, that works as a hotspot gateway for any attacker to perform malicious activities.

The session will talk of a research case study, expected mitigations and also the impact on Cloud Clients. The session will present a new security test, that can be included in performance test suite.

Speaker:

Speaker Software Testing & Quality ConferenceAniket Kulkarni is part of the Product Security team at Symantec. He works as an Application Security Researcher for application pen-tests and software security to make Symantec products more secure, secure by design, secure by default, secure in implementation, and security assured. He has 6 years of experience into Application Software QA and Application Software Security Analysis, have performed below aspects with a defensive security mindset. 1. Penetration testing 2. Threat Modeling 3. Application Security Research, mainly into Fuzzing & Encryption techniques implemented at packet level, for client-server communication. 4. Analyzing new attacks 5. Performance testing 6. Manual testing 7. Automation testing (Silk test tool) 8. Availability and Recover testing 9. Internationalization testing

Aniket Kulkarni will be presenting on “PerformFuzz The Web Interface” at the 2nd Annual IndicThreads.com Conference On Software Quality to be held in Pune, India on 25,26 March 2011.Click here for a list of other Speakers & Sessions @ The Conference

This entry was posted in Sessions. Bookmark the permalink.

Comments are closed.