Loading…
Global AppSec Tel Aviv Program Schedule (NOT Registration site)
InterContinental David Tel Aviv Hotel Map                                                         
Transportation Information
List of Hotels    
Click here to Register for training, conference, and accommodations
 
***SUBJECT TO CHANGE AND UPDATES*** 
View analytic
Monday, May 27 • 9:00am - Tuesday, May 28 • 6:00pm
Seth & Ken’s Excellent Adventures (in Code Review)

Sign up or log in to save this to your schedule and see who's attending!

Have you ever been tasked with reviewing 3.2 million lines of code manually for SQL Injection, XSS, and Access Control flaws? Have you been asked to review a new framework on short notice? Does the idea of reviewing Ruby, Go, or Node code leave you with heartburn? This course addresses all of these common challenges in modern code review. We have concentrated on taking our past adventures in code review, the lessons we’ve learned along the way, and made them applicable for others who perform code reviews. We will share our methodology to perform analysis of any source code and suss out security flaws, no matter the size of the code base, or the framework, or the language.  You as a student will learn the methodology, techniques, approach, and tools used by Seth Law and Ken Johnson to understand code flows, trace user input, identify vulnerabilities, and effectively secure an application code base.

Upon completion attendees will know:
Students will take away knowledge and experience in approaching numerous code languages and frameworks to complete a security source code review. In addition, the learned methodology can be customized by the attendee to fit into any organization’s security SDLC. Finally, the attendee will have the tools to review source code for any web, mobile, or modern application, whether or not the targeted language is specifically covered during the course.

The trainer will provide:
Presentation materials
Source code to be analyzed during the course (VM provided if desired).

Attendees should bring:
Laptop with wireless and virtual machine (VMWare/Virtual Box) capabilities.
Preferred IDE


Speakers
avatar for Seth Law

Seth Law

Application Security Consultant, Redpoint Security, Inc
Seth Law is an experienced Application Security Professional with over 15 years of experience in the computer security industry. During this time, Seth has worked within multiple disciplines in the security field, from software development to network protection, both as a manager... Read More →
avatar for Ken Johnson

Ken Johnson

AppSec Person, GitHub
Ken Johnson, has been hacking web applications professionally for 10 years and given security training for 7 of those years. Ken is both a breaker and builder and currently works on the GitHub application security team. Previously, Ken has spoken at RSA, You Sh0t the Sheriff, Insomnihack... Read More →


Monday May 27, 2019 9:00am - Tuesday May 28, 2019 6:00pm
Feedback form isn't open yet.

Attendees (3)