Seven Business Logic Flaws
that put your Website at Risk

Jeremiah Grossman
WhiteHat Security founder & CTO




Seven Business Logic Flaws that put your Website at Risk - Harvard (07062008)

Session handling, credit card transactions, and password recovery are just a few examples of Web-enabled business logic processes that malicious hackers have abused to compromise major websites. These types of vulnerabilities are routinely overlooked during QA because the process is intended to test what a piece of code is supposed to do, not what it can be made to do. The other problem with business logic flaws is that scanners can't identify them, IDS can't detect them, and Web application firewalls can't defend against them. Plus, the more sophisticated and Web 2.0 feature-rich a website is, the more prone it is to flaws in business logic.

Published in: Business, Technology

  1. Seven Business Logic Flaws that put your Website at Risk. Jeremiah Grossman, WhiteHat Security founder & CTO. © 2008 WhiteHat Security, Inc.
  2. Jeremiah Grossman
     • WhiteHat Security Founder & CTO
     • Technology R&D and industry evangelist (recently named to InfoWorld's CTO 25 List)
     • Frequent international conference speaker
     • Co-founder of the Web Application Security Consortium
     • Co-author: Cross-Site Scripting Attacks
     • Former Yahoo! information security officer
     © 2008 WhiteHat Security, Inc.
