Global AppSec Tel Aviv Program Schedule (NOT Registration site)
Monday, May 27 • 9:00am - Tuesday, May 28 • 6:00pm
Mastering Holistic Application Security

Sign up or log in to save this to your schedule and see who's attending!

Course Abstract Practice-changing impact, long lasting security knowledge and skills -- are the expected outcomes of this new-school webapp security training. The course is inclusive: the developers learn application security and hacking, improve their professional skills and are also introduced to the security design patterns for fixing the code. In the modern development process security testing is something shared among developers, devops, testers and auditors -- this mingled situation we recreate during exercises.
This is a training with minimum lecture and all focussed on hands-on exercises. We start off with some understanding of secure development and the secure coding principles. Then we do basic hacking challenges and move gradually to the advanced topics, but after that we do exercises that are about fixing vulnerable code. The last day of the training the attendees need to show on a custom build vulnerable application the security testing skills and implement the code fixes, this will be reviewed by the trainer.
The attendees will have after this course a vast set of actionable knowledge and practise to be used straight away. Also using the OWASP SKF project will enable them after the course to build secure applications by design but also continue improving and training themselves.
For Devs: Empowering developers in writing secure software by design and being able to verify the implementations themselves.

Upon completion attendees will know:
  • They will be able to test for web application vulnerabilities themselves from basic to advanced
  • They will know how to fix the vulnerabilities and what secure design patterns to use
  • How to do security by design using the OWASP-SKF project
  • After this training, they are able to build secure software by design and also verify the implementation of the code on their own
The trainer will provide:
  • Providing the 25+ lab challenges, these can also be used after the training because these are all open source and part of the OWASP-SKF project
  • Custom build the vulnerable application to be used for exam

Attendees should bring:
A laptop with KALI installed and Python2 and Python3 installed with ZAP or Burp community edition. Also, have an IDE you like the best to be installed for the fixing of the vulnerabilities.

Attendees should know:
The attendees need to have basic programming skills. For the Labs, we will start from basic hands-on exploits to advanced ones.

avatar for Glenn Ten Cate

Glenn Ten Cate

As a coder, hacker, speaker, trainer and security chapter leader employed at ING Belgium Glenn has over 15 years experience in the field of security. One of the founders of defensive development [defdev] a security training's series dedicated to helping you build and maintain secure... Read More →

Monday May 27, 2019 9:00am - Tuesday May 28, 2019 6:00pm
TBA InterContinental David Kaufmann St 12, Tel Aviv-Yafo, 61501, Israel
Feedback form isn't open yet.

Attendees (1)