The NYS Forum
Web and Accessibility Workgroup Presents:

Defending your Web Applications from Attack:
Current Web-Based Threats, Resources & Tools

December 4, 2015
9:00 am - 12:00 pm
(8:30 am Check-In)
The NYS Forum Office
24 Aviation Road, Suite 206, Albany, NY

Webinar available for this event

The problem with cyber attacks is that hackers need to find only one vulnerability to exploit, while organizations must have multiple defenses in place. Standing at one of the most important lines of defense are those involved in the development, deployment, and maintenance of web applications, which are often the gateways to precious data.

This presentation will go over the current threat environment and what is being targeted. It will introduce resources and tools to assist in risk guidance and testing, including those from the Open Web Application Security Project (OWASP).

This is a great talk for you if you want to figure out:

  • What are some of the hottest threats in web right now?
  • How can I figure out if my website has been hacked?
  • How can I be informed of the latest vulnerabilities for my web applications?
  • What can I do to reduce the risks to my web applications?


Damira Pon is a faculty member in the Digital Forensics Program and a part of the School of Business and School of Criminal Justice at the University at Albany, State University of New York. She is currently an ISACA Hudson Valley Chapter Board Member & Academic Advocate; she also acts as one of the faculty co-advisors for the UAlbany ISACA student group and Digital Forensics Association. Prior to becoming a faculty member in 2015, she was a Senior Research Analyst at the NYS Center for Information Forensics and Assurance, where she worked for more than 10 years. She has participated in several NYS Cyber Security Conference plenary sessions and workshops, which included live hacking demonstrations and workshops on incident analysis and risk assessment. She has a wide range of experience in online and blended education in information security and forensics, information security policy and compliance (business continuity / disaster recovery, information classification, risk assessment), creation of standard operating procedures for law enforcement in digital forensics, crime mapping related to Internet Crimes against Children (ICAC), data analysis (including cyber incident and log analysis), and penetration testing for IT security audits.