Tim MalcomVetter (@malcomvetter) has spent the past decade and a half bouncing between writing code and securing systems. Now he’s currently doing both as a security consultant in Optiv’s Software Security Group (formerly Accuvant – FishNet Security), where he performs penetration tests and code reviews on web apps, web services, mobile apps, point of sale systems, and even fuel pumps and car washes (yes, they ran .NET!). In a previous life, Tim has led teams of .NET developers shipping e-commerce features in an agile shop. To his non-technical friends, Tim likes to explain how he has stolen credit cards by memory-scraping Point of Sale systems of merchants where they’ve shopped (that usually gets their attention). Tim has presented in numerous venues, including Black Hat USA, Secure World Expo, and locally at ArchC0N.
From lazy dev mistakes, to misconfigurations of frameworks, to accidentally disabling security features in code, and some design flaws sprinkled in for good measure—this talk will be a run down of com ... more
Speaker: Tim MalcomVetter