POSITIVE HACK DAYS



ORGANIZER

Program

Developing DBFW from scratch

Want to visit   +56

Authors: Denis Kolegov and Arseny Reutov

The talk describes technical aspects of developing a Database Firewall prototype from scratch, such as:  what is required to develop DBFW; whether machine learning can be used for effective detection of SQL injection based on SQL requests; how to detect SQL injections using syntax analysis; and how to implement attribute and role-based access control. The speaker will also tell about prospective application protection mechanisms based on firewalls and static code analysis.

  • Language
  • Russian

Denis Kolegov
PhD in Technical Sciences. An Associate Professor at the Tomsk State University (the information security and cryptography department). The lead of the application protection technics research team at Positive Technologies.

Arseny Reutov
Graduated from Mari State University in 2012. Head of the application protection research department at Positive Technologies. An author of various research papers on information security and the web security blog raz0r.name. Specializes in information security issues, penetration testing, and analysis of web applications and source code.

Denis Kolegov and Arseny Reutov Denis Kolegov and Arseny Reutov

Back to the list