OWASP AppSec DC 2012/State of Web Security

The Presentation
I will cover the current state of web based attacks as we see them monitored on our network. In total somwhere around 1 million+ domains are attacked and monitored on our network, so the sample of data provided should be acceptably accurate. The data will be provided in the presentation using statistical data of logged attacks against our network and customer's sites (and can be provided to security researchers in a raw formet). This will provide the audience with a knowledge of how severe a new exploit can become once attackers utilize it, as well as details on what types of attacks are popular with malicious parties. Time allowing, we will discuss a detailed dissection of a handful of common backdoors we see on our network (of course choosing the most unique and interesting backdoors we encounter.) This is not to help the audience on how to design backdoors, but instead provides a basic overview of these attacker's knowledge and intent (why the bad guys do the things they do.)