Profile of Bishop Fox Instructors & John H. Sawyer
Consultant
News & Commentary Posts: 5
John H Sawyer, Senior Security Analyst, InGuardians
John H Sawyer is a Senior Security Analyst with InGuardians, where he specializes in network, mobile, and web application penetration testing. John has an extensive background in intrusion analysis, forensics, and incident response. He has consulted with federal, state, and local law enforcement agencies on malware analysis, hacker attacks, and digital forensics. He is also a respected author and public speaker. John currently writes for Dark Reading and InformationWeek Magazine.
Bishop Fox Instructors
Bishop Fox is a global security consulting firm. We are the trusted advisors to the Fortune 1000, financial institutions, and high-tech startups – helping to secure their commerce, data, IT infrastructure, and intellectual property. Founded in 2005, our team is made up of dedicated individuals with a combined 400+ years of experience working in both corporate America and global security.
For more than a decade, Bishop Fox professionals have been authoring best-selling security books, such as Web Application Security: A Beginners Guide, Hacking Exposed: Web Applications 3rd Edition, and Hacking Exposed: Wireless, 1st and 2nd Editions. Having actually "written the book" on many topics in our field, we consistently demonstrate that few others can truly claim subject matter expertise in the same way that we do.
Articles by Bishop Fox Instructors & John H. Sawyer
10/2/2014
One of the greatest challenges in e-commerce is to build a website that is extremely easy for customers to access and use – but extremely difficult for online criminals to attack. In this session, we offer an overview of defenses against Internet-based threats -- including DDoS attacks, DNS exploits, and cross-site scripting – to help enterprises steel their sites against potential compromise.
Post a Comment
10/2/2014
Most attacks on retail and e-commerce websites are conducted by cyber criminals who want to steal large databases of personal information and credentials. In this session, we offer a closer look at the methods used to penetrate a retailer’s back-end systems – including targeted attacks on databases, DDoS “smokescreens” used to obfuscate more sophisticated exploits -- and other surprises that can happen during a DDoS attack.
Post a Comment
10/2/2014
One of the great ironies of e-commerce is that online system security is usually at its weakest during the most critical time periods, such as the holiday shopping season. In this session, we provide counsel on the preventative and the operative measures that can be taken when traffic is at its highest – and system and human resources are stretched to the maximum.
Post a Comment
10/2/2014
To develop an effective defense against online threats, an e-commerce company must understand its attackers and their methods. In this session, we outline the various types of attackers who target online commerce, including those who prey on the corporate website and those who prey upon the customers themselves. We offer an inside look at the bad guys behind recent attacks on retail websites, as well as a discussion of fraudsters who scam customers into giving up personal information and online credentials.
Post a Comment
10/2/2014
Once an online business has shored up its defenses against new threats, it must develop an ongoing program for monitoring its systems for potential compromises – and measuring the risk faced by the business. In this session, we offer tips for building systems and processes for tracking threat and fraud indicators, and for creating real metrics for benchmarking the current threat environment.
Post a Comment