September 24, 2009
Attack Your Database Before Others Do - Todd DeSantis, Sentrigo
In this presentation, we will show typical security flaws found in PL/SQL and Java code due to programmer mistakes. We will demonstrate how to use existing open-source scanning and fuzzing tools to automatically find and flag such flaws, and also demonstrate how creating your own tools in PL/SQL can help you keep your code secure.
In this presentation, you will learn:
1. Common security mistakes developers make
2. How to use open source tools to find those mistakes
3. How to roll out your own PL/SQL fuzzer
Todd DeSantis brings a wealth of technical knowledge and a passion for using technology to better society to his position as lead North American Sales Engineer at Sentrigo. With a background in computer science from Worcester Polytechnic Institute, Todd has been using his understanding of computer programming and database systems throughout his career. At Sentrigo, Todd is striving to bring a higher level of database security and safety to the enterprise. Prior to Sentrigo, Todd successfully helped Fortune 50 companies rethink data access paradigms with Endeca Technologies. Todd started his career at Enerjy Technologies, where he helped organizations improve overall levels of Java code quality and visibility. In his spare time, Todd, an avid audiophile, enjoys working toward creating the 'absolute sound' with hi-fi audio systems, and enjoys many different genres of music.
For information on usual meeting locations and times as well as previous
meeting minutes and presentations please refer to the
For further information or enquiries regarding meetings please
contact the SOUG meeting coordinator.