Posted by Qinglin Jiang on February 24, 2014 in Events

Nowadays security vulnerabilities are often published in a short, vague and incomplete way. We can hardly tell what the vulnerability is, what consequence it has, and what could mitigate it. This presentation will help uncover the details of a vulnerability and show you how to use decompiling tools to find the vulnerable code, how to identify vulnerable functions and parameters, and create exploits. With this information, you will have a better idea of what the real risk is, how to mitigate before patching, and be able to verify whether the patch really works – giving you a choice and control over what you do. The presentation will also review an advanced hacking technique and help attendees better understand Oracle CPU details.

 

RSA Conference Session Info:

Tuesday, Feb 25, 2014 – 4:00-5:00pm

Moscone West, Room 3006

Qinglin Jiang

Qinglin Jiang has been working in the information security industry for over 10 years and is currently a senior security engineer at Ancestry.com. Jiang has various backgrounds of a system administrator, system architect, software engineer and security engineer. He has published several research papers in the security area. He has a lot of hands-on experience on Linux, Web Application and Network Security.