Slides available on http://asfws12.files.wordpress.com/2012/11/asfws2012-maxime_feroul-oauth_un_protocole_qui_authentifie.pdf Maxime Feroul started his presentation with the fact that we all currently have many different identities on the Internet. Federating a common solution is far from being easy, as it must be secure and easy for all stakeholders. Ideally, you would want to use your LinkedIn, Xing or SalesForce profile to […]
Slides available on http://asfws12.files.wordpress.com/2012/11/node_security_presentation_v3_asfws.pdf In a similar way than the previous day’s OPA presentation of Alok, Sven Vetsch guided us through Node.js, a high performance JavaScript web server based on Google’s V8 engine. Node.js (abbreviated Node afterwards) features a full API with no blocking actions. With a simple “Hello World!” example in JavaScript we got […]
Slides available on http://asfws12.files.wordpress.com/2012/11/asfws2012-jean_philippe_aumasson-martin_bosslet-hash_flooding_dos_reloaded.pdf As denial of service attacks based on hash-flooding are not a new topic, Jean-Philippe Aumasson and Martin Boßlet started with an introduction about this topic. Storage of data in hash tables is usually done for any array-based information, such as data sent for a GET or a POST request towards a […]
Original Prezi presentation available on http://prezi.com/qhv0ra2qhxoz/asfws-2012-keynote-2/. Prezi converted slides available on http://asfws12.files.wordpress.com/2012/11/asfws2012_keynote2.pdf Olivier Brique, VP Cybersecurity Technology of Swiss company Kudelski offered us an insightful and dynamic dive into the history of his company, initially producing high quality microphone before developing Pay-TV solution and finally announcing, on the 21st of last month, a new cyber […]
Slides available on http://asfws12.files.wordpress.com/2012/11/dropbox-asfws-version.pdf It was a full (or even an overfilled) room, in which several people did not find a seat, which listened to Nicolas Ruff and Florian Ledoux’s presentation. The topic is certainly appealing but the reputation of Nicolas Ruff aka newsoft (“Security researcher, hacker, blogger, serial speaker, troll herder, happy father & […]
Slides available on http://asfws12.files.wordpress.com/2012/11/yverdon-2012-secweb-analyse-tech-vs-contextuelle.pdf This talk from Matthieu Estrade (CTO of Bee Ware), entitled officially “Sécurité des application web, analyse technique versus analyse contextuelle” was in fact a kind of sales pitch for Bee Ware, a special kind of Web Application Firewall (WAF). Compass Security has an extensive knowledge about leading WAF products in the […]
Slides available on http://asfws12.files.wordpress.com/2012/11/appsec2012_opa.pdf Alok Menghragani already presented the initial keynote of the conference. This time, he presented us a personal project, not linked in any ways to his current employer. Started in 2008, OPA is an open-source framework designed for being used by companies. Instead of having to learn different technologies for different platforms, […]
Slides available on http://asfws12.files.wordpress.com/2012/11/mimikatzasfws.pdf Benjamin Delpy, aka GentilKiwi, presented us the sekurLSA and crypto part of his trendy and increasingly famous tool called Mimikatz. If you haven’t heard of it yet, I’m convinced that once you read this article and the slides, you’ll certainly want to try out this great tool immediately on a Windows […]
Slides available on http://asfws12.files.wordpress.com/2012/11/asfws2012-pascal_junod-jean_roland_schuler-obfuscator.pdf Both presenters, Pascal Junod and Jean-Roland Schuler work for the HES-SO – the University of Applied Science Western Switzerland. This talk is the follow-up of last year’s presentation, including the improvements done since. While Pascal Junod, from the HES-SO HEIVd (Yverdon-les-Bains) focused on obfuscating binaries based on their source code, Jean-Roland […]
Slides available on http://asfws12.files.wordpress.com/2012/11/appsec2012_keynote.pdf Alok Menghragani graduated in Lausanne with a Master at the EPFL before joining Facebook in 2008, which was back then still a young startup with “only” 100 millions users. He gave us an interesting insight in how Facebook manages over 10 millions of lines of code while keeping “move fast and […]
© 2026 Compass Security Blog