Web Application, Web Service and Mobile Secure Coding

Jim Manico, Eoin Keary

August 20th (1 day)

The major cause of web insecurity is poor development practices. This highly intensive 1-day bootcamp provides essential application security training for web application, web service and mobile software developers and architects. The class is a combination of lecture, hands-on security testing and code review. Participants will learn not only the most common threats against applications but, more importantly, how to fix the problems and design secure solutions via defense-based code samples and review.

We provide free email support for life for all students.

Digital copies of all courseware will be provided.

Modules include:

  1. HTTP Basics and Introduction to Application Security
  2. Input Validation
  3. SQL and other Injection
  4. Access Control Design
  5. XSS Defense
  6. Advanced XSS Defense
  7. Authentication and Session Management
  8. CSRF
  9. Secure SDLC and Security Architecture
  10. Crypto Basics
  11. Crypto Advanced
  12. Mobile Security Basics
  13. Webservice Security Basics

Requirements

Participants should bring laptops with a Java Runtime capable of running Burp Suite (either pro version or free). Please verify and pre-install. Burp Suite can be found at http://www.portswigger.net/burp/download.html

About the trainers

Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background building software as a developer and architect for over 20 years. Jim is also a global board member for the OWASP foundation where he helps drive the strategic vision for the organization. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and several additional secure coding projects.

For further information and questions please contact Jim at jim _at_ owasp.org

Eoin Keary is the CTO and founder of BCC Risk Advisory Ltd. (www.bccriskadvisory.com), an Irish company that specialises in secure application development, advisory, penetration testing, mobile and cloud security, and training. Eoin is also an international board member and vice chair of OWASP, the Open Web Application Security Project (owasp.org). During his time in OWASP he has led the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, ASVS and the OWASP Cheat Sheet Series. Eoin has led global security engagements for some of the world’s largest financial services and consumer products companies. He is a well-known technical leader in industry in the area of software security and penetration testing.

For further information and questions please contact Eoin at eoin _at_ bccriskadvisory.com