The topic of presentation: Stupid Mistakes. Architecture and Business Logic Vulnerabilities.
Abstract: Software vulnerabilities in architecture and business logic are very popular according to different research (Trustwave report logical flaws are on the 2nd place) as they cannot be easily found by programming methods. Thus, logical vulnerabilities are still considered state of art and there are still very stupid mistakes made in business logic that can be used to gain full access to vulnerable application.
Update: We will show four (in the Announcement we were talking only about one) real examples of security assessment of different business applications and ERP-systems, some of them are used in 500 Fortune Global companies. The talk will be about really crazy and stupid architecture vulnerabilities, most of them are very hard to patch, and this is very funny, commented Alexander Polyakov.