Wednesday, July 22, 2009

SOUG: Attack Your Database Before Others Do

SOUG, also know as the Suncoast Oracle Users Group, is holding it's montly meeting tomorrow night in Tampa. The meeting is held at the PricewaterhouseCoopers facilities located across the street from Raymond James Stadium, home of the Tampa Bay Buccaneers.

Todd DeSantis, of Sentrigo will be presenting. I will not try and recreate the presentation description, I'll just practice the fine art of cut and paste.
In this presentation, we will show typical security flaws found in PL/SQL and Java code due to programmer mistakes. We will demonstrate how to use existing open-source scanning and fuzzing tools to automatically find and flag such flaws, and also demonstrate how creating your own tools in PL/SQL can help you keep your code secure.

In this presentation, you will learn:
1. Common security mistakes developers make
2. How to use open source tools to find those mistakes
3. How to roll out your own PL/SQL fuzzer

Todd DeSantis brings a wealth of technical knowledge and a passion for using technology to better society to his position as lead North American Sales Engineer at Sentrigo. With a background in computer science from Worcester Polytechnic Institute, Todd has been using his understanding of computer programming and database systems throughout his career. At Sentrigo Todd is striving to bring a higher level of database security and safety to the enterprise. Prior to Sentrigo Todd successfully helped Fortune 50 companies rethink data access paradigms with Endeca Technologies. Todd started his career at Enerjy Technologies where he helped organizations improve overall levels of Java code quality and visibility. In his spare time Todd, an avid audiophile, enjoys working toward creating the 'absolute sound' with hi-fi audio systems, and enjoys many different genres of music.
There are possible opportunities for (beer) networking afterwards.

No comments: