Thinking Outside the Black Box: COTS Web App Security with Apache

Wednesday, May 07 | 2:30PM–3:30PM | Gateway Ballroom 2
Session Type: Professional Development
The open-source Apache web server, with its wide array of included and third-party modules, is an often overlooked option for reducing risk in commercial-off-the-shelf (COTS) web applications when accessible via unfriendly networks. This presentation will cover using Apache to facilitate access, improve logging of web COTS, and defend against known and unknown vulnerabilities to web COTS when the time to apply a patch poses an unacceptable risk, as well as how Apache can be used to mitigate the damage of a malware outbreak—all with little added expense, a little Apache savvy, and no sales people.

OUTCOMES:
Understand that security doesn't always require large capital investment or sales people * Get a handful of out-of-the-box, practical security examples * Obtain an alternative perspective on defending web applications

Presenters

  • David Shettler

    Deputy CIO and Information Security Officer, College of the Holy Cross