About
We can manually fuzz SOAP services, web sockets, GraphQL and protobufs. However, manual effort is time-consuming, and many orgs have a lot of ground to cover. Microsoft has been maintaining RESTler for a number of years, but it relies on generating a proprietary grammar file from an openAPI spec. What other tools are available to make fuzzing these interfaces possible, automatable, and repeatable? Where is further effort needed?

Host Jason Gillam with Mic Whitehorn
Presenters
1709218776-763f4fb0ce1c5e74
Secure Ideas
CyberSecurity Company
Secure Ideas is a dedicated team of experts who are passionate about technology and information security. Our primary objectives are to help companies improve their security postures and train the next generation of security professionals.
1710351977-bcfcdb77463be367
Mic Whitehorn
Senior Security Consultant at Secure Ideas
Mic Whitehorn is a Senior Security Consultant for Secure Ideas. Before entering the Information Security field he spent about a decade in web application architecture and development, and nearly five years in systems integration consulting. He possesses broad knowledge across many programming languages ranging from legacy COBOL to enterprise Java and C# to modern Ruby, Python, and JavaScript.

Mic is a perennial open-source contributor, having guided the Musashi and the Client Script Injection Kit (CSIK) projects, in addition to his contributions on SamuraiWTF and Arrrspace. He also strongly believes in providing quality developer training and has provided accessible public classes at a number of conferences. Mic’s class topics have included secure coding, advanced web proof-of-concept development, and attacking and securing microservice API architecture.
1705416696-c538101a95449a63
Jason Gillam
CIO and Principal Security Consultant at Secure Ideas
Jason Gillam is the Chief Information Office of Secure Ideas. He has over 20 years of industry experience in enterprise software solutions, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture. Jason also strongly believes in open sharing of knowledge and tools. He is a regular speaker and trainer for Security BSides events and has jumped in to participate in a number of local information security meetups. He has leveraged his development background to build open source tools including BurpSuite extensions (e.g. CO2, Paramalyzer), and Bloodhound Elementary.
Register To Watch Recording
Full name*
Email Address*
Marketing Permission
SecureIdeas LLC will use the information you provide on this form to notify you of future Webinars and Training events. This is also necessary if you would like to download the slides from the presentation. We will not share or sell your personal information. You can unsubscribe anytime by clicking the unsubscribe link in the footer of our emails, or by replying to our emails and asking to be unsubscribed. For more information, please read our privacy policy.
Yes, I consent to receiving emails*
We use BigMarker as our webinar platform. By clicking Register, you acknowledge that the information you provide will be transferred to BigMarker processing in accordance with their Terms of Service and Privacy Policy.