Hard Problems with Automated Penetration Testing

Ambarish Malpani, Cenzic

Cenzic develops an application to allow automation of penetration testing of web based applications. In this talk, I will discuss interesting problems in this area - some that we have solved and some that we are actively trying to address.


Prior to Cenzic, Ambarish founded ValiCert, Inc., where he was responsible for product development, architecture and standards efforts. He has worked extensively at IETF and is responsible for both the Online Certificate Status Protocol (OCSP) and Simple Certificate Validation Protocol (SCVP). He also developed the first OCSP responders. While at ValiCert, Ambarish was also responsible for doing the first port of the Apache web server to Windows NT, which he then contributed back to the Apache group.

28 February (Tuesday) at 1630 hrs

Gates 4B (opposite 490)