Loading…
This event has ended. View the official site or create your own event → Check it out
This event has ended. Create your own
Join us at AppSec California 2014!


AppSec California is the first of hopefully many annual conferences hosted by all of the California chapters. Join us on the beaches of Santa Monica which is closest to our Los Angeles Chapter. Space is limited to around 200 attendees so be sure to get your ticket before we sell out!

Come a little early or stay the rest of the week; however you enjoy it, the weather is likely going to be warmer than where you are. Enjoy the Santa Monica pier and downtown area or explore the surrounding cities. You probably have a client or 10 near by too so say hello to them too.

Stay tuned as activities around the event are updated and more speakers are added to the lineup. A schedule will come at some point.


Register today! 
View analytic
Tuesday, January 28 • 9:30am - 10:30am
Application Sandboxes: Know thy limits

Sign up or log in to save this to your schedule and see who's attending!

As we secure applications leveraging sandboxes, it is important to understand the attack surface as it presents opportunities for attackers. In this talk we’ll decompose application sandboxes from the lens of a pen-tester. We look at various popular sandboxes such as Google Chrome, Adobe ReaderX, and Sandboxie, amongst others, and discuss the limitations of each technology and its implementation details. Further, we discuss in depth with live exploits how to break out of each category of sandbox by leveraging various kernel and user mode exploits – something that future malware could leverage. Some of these exploit vectors have not been discussed widely and awareness is important.

Speakers
avatar for Rahul Kashyap

Rahul Kashyap

Chief Security Architect, Head of Research, Bromium
Rahul Kashyap is Chief Security Architect, Head of Security Research at Bromium. Before joining Bromium, he led the worldwide Threat Research teams at McAfee Labs, a wholly owned subsidiary of Intel. Rahul has created and worked on several security technologies that are deployed in highly sensitive military, government, banking and healthcare institutions around the world. He has led cyber defense strategies for several initiatives such as... Read More →


Tuesday January 28, 2014 9:30am - 10:30am
Track 1

Attendees (5)