Live Demo will Expose and Explain How to Defend Against New Attack Method that Hijacks Legitimate Websites

WHO

Amichai Shulman, CTO, Imperva™, Inc.

WHAT

Traditional Phishing attacks transparently redirect victims to fraudulent web pages on the attacker’s website, but a new type of attack redirects victims to a real web page on a legitimate website to carry out identity theft and financial fraud. These attacks exploit web site vulnerabilities known as Cross Site Scripting (XSS) and Script Injection.   This presentation, entitled Real Site Phishing and Advanced Cross Site Scripting, will use an e-commerce application to demonstrate how these techniques work and explain how organizations can defend against them.  Attendees will learn:

• How Phishing techniques exploit vulnerabilities of the target site
• How Cross Site Scripting attacks work and are carried out
• What protection mechanisms can be used to defend against Phishing attacks that exploit Cross Site Scripting and Script Injection vulnerabilities

WHERE

RSA Conference 2006, McEnery Convention Center, San Jose, California

WHEN

Tuesday, February 14, 2006, 4:30pm — 5:20pm

HOW

50 minute technical session

About Imperva

Imperva is the leader in application data security and compliance. Leading enterprise and government organizations worldwide rely on Imperva to prevent data theft and abuse, and ensure data integrity. The company’s SecureSphere products provide data governance and protection solutions that monitor, audit and secure business applications and databases. For more information, visit www.imperva.com

# # #

Imperva and SecureSphere are trademarks of Imperva, Inc. All other brand or product names are trademarks or registered trademarks of their respective holders.

Editorial Contact

Marc Gendron
(781) 237-0341
marc@mqpr.net