Thursday, May 27, 2010

Talk at SCU


Yesterday evening I drove over to Santa Clara University and was given an opportunity to deliver a guest presentation. The Computer Engineering department has an Information Assurance track for the CE major for the graduate program. So for about an hour I got to talk about computer security incident response.

One of the favorite slides I like to bring out into the presentation is the deobfuscated java script code in web logs. What this means to people outside of the business is where malicious computer code comes across to critical web servers but in such a way that it is hiding its content from inspection, until it gets to the web server. When it arrives at the web server, the obfuscation is removed and the true nature of the content is revealed but then its too late to intercept the malicious code from doing harm to the web server.

No comments: