When does class start/end?
Classes begin promptly at 9:00 am, and typically end at 5:00 pm.
Security experts agree that the least effective approach to security is "penetrate and patch". It is far more effective to "bake" security into an application throughout its lifecycle. After spending...
Read More
Security experts agree that the least effective approach to security is "penetrate and patch". It is far more effective to "bake" security into an application throughout its lifecycle. After spending significant time examining a poorly designed (from a security perspective) web application, developers are ready to learn how to build secure web applications starting at project inception. The final portion of this course builds on the previously learned mechanics for building defenses by exploring how design and analysis can be used to build stronger applications from the beginning of the software lifecycle.
Securing Web Applications is a seminar style course designed for web developers and technical stakeholders who need to produce secure web applications. They will thoroughly examine best practices for defensively coding web applications, covering all the 2021 OWASP Top Ten as well as several additional prominent vulnerabilities (such as file uploads and handling untrusted free-form text). Our web app security expert will share how to integrate security measures into the development process. You will also explore core concepts and challenges in web application security, showcasing real world examples that illustrate the potential consequences of not following these best practices.
This course is also PCI Compliant.
This is an overview-level , lecture and demonstration style course, designed to provide technical application project stakeholders with a first-look or baseline understanding of how to develop well defended web applications.
Real-world programming experience is highly recommended for code reviews, but not required.
Session: Bug Hunting Foundation
Session: Moving Forward From Hunting Bugs
Session: Foundation for Securing Web Applications
Session: Bug Stomping 101
Session: Bug Stomping 102
Session: Moving Forward