Talk Intermediate 11:45 - 12:15 August 09, 2024

Iggy

Explore the intricacies of time-based SQL injection through the lens of Operation GhostShell. This session delves into the methods used by attackers to exploit time delays for data extraction, highlighting real-world examples and the impact of these breaches on major universities. Attendees will gain a deep understanding of the technical aspects, see live demonstrations, and learn practical defense strategies to safeguard against such vulnerabilities. Perfect for security professionals seeking to enhance their knowledge of advanced SQLi techniques and mitigation.

Iggy

Axonius, Security Engineer

Igor Stepansky is a Platform Security Engineer at Axonius with two years of experience, specializing in the integration of security within DevSecOps. With a background in cybersecurity analysis in the Defense Aerospace industry, Igor expertly applies open-source tools to enhance software development security against digital threats. He champions a comprehensive security approach, emphasizing static and dynamic analysis, secrets management, and robust infrastructure as code (IaC). Igor is committed to fostering a security-conscious culture, advocating for practices that empower developers and engineers. His pragmatic and visionary perspective on cybersecurity positions him as a key figure in the field, offering actionable and forward-thinking insights.