March 2014 SFISSA Meeting — Florida Atlantic University – Thursday, March 20, 5:30pm – 7:30pm


Jorge Orchilles, Orchilles Consulting



Pwning Windows Phone 8 appz

Believe it or not, Windows Phone 8 (WP8) is gaining popularity, which means we are the ones late on the bandwagon. There is some sporadic research and documentation on how to find and exploit vulnerabilities on WP8 but nothing concrete or centralized. This presentation will bring all that research as well as experience testing WP8 mobile apps together and provide a proven methodology for testing WP8 apps. The presentation will quickly introduce the audience to WP8 as an understanding of the platform is required to test an app that runs on it. We will then jump to how to test your favorite mobile app, find vulnerabilities, and exploit them. I will outline and demo step by step methods so the audience member can begin finding vulnerabilities as soon as they leave the presentation, no physical device required!

Jorge Orchilles has over 12 years experience in the information technology/security field. He is the author of Microsoft Windows 7 Administrator’s Reference and holds multiple industry certifications: GXPN, CISSP, GPEN, GCIH. He runs the offensive security team at one of the largest global financial services firm. His current focus is on mobile security. Full bio at:



Scott Barrett, Imperva




“Protecting your brand from a Web Attack.”

Abstract:  People are after your customers’ information and are highly paid for it. Protecting high-value applications and data assets in physical and virtual data centers is paramount. The web remains as a viable, accessible, and vulnerable avenue for attack. We can show you what a typical site under attack looks like without a web application firewall. Alternatively, we can show you how to protect against today’s logical attacks with a web application firewall that will protect your high-value targets, keeping them both secure and accessible.

Bio: Scott Barrett has been in information technology for over 20 years. He has managed and architected virtual data centers and has worked for Fortune 500 companies in the financial, technology and security industries.



Florida Atlantic University

777 Glades Road

Student Union 204

Boca Raton FL 33431

p: 561-297-2041

Engineering East – 106 – Classroom




Coming from Miami and points South 

Head North on I-95 to Glades Road Exit

Head East to FAU Main Entrance

Turn into FAU

Follow Signs to Engineering Building East

Coming from Jupiter and points North- 

Head South on I-95 to Glades Road Exit

Head East to FAU Main Entrance

Turn into FAU

Follow Signs to Engineering Building East
There may be a nominal parking fee.

(We are looking to get it waived for this event)

 Networking Event:

On Campus