Software Security Best Practices - Revision history

Achim: category OWASP/Training changed to OWASP Training

2014-11-10T21:26:09Z

category OWASP/Training changed to OWASP Training

Achim: category changed to OWASP/Training AppSec_DC_2010

2014-11-10T20:50:14Z

category changed to OWASP/Training AppSec_DC_2010

Benjamin Tomhave at 14:53, 11 October 2010

2010-10-11T14:53:21Z

Benjamin Tomhave at 14:51, 11 October 2010

2010-10-11T14:51:03Z

Benjamin Tomhave at 17:31, 23 September 2010

2010-09-23T17:31:41Z

Mark.bristow: Created page with 'NOTOC link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

2010-09-22T21:44:07Z

Created page with '__NOTOC__ link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

New page

__NOTOC__
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]

[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
<br>
==Description==
'''Course Length: 2 Days'''

This tutorial starts with a description of the security problems faced by today's software developer, as well as a detailed description of how defective software can be exploited. It goes on to provide a thorough description of the best practices available to prevent, detect, and remediate security problems in software. Next, the tutorial includes hands-on design review exercises to reinforce each of the concepts presented, together with dozens of examples of common coding errors (primarily in C/C++ and Java).

==Student Requirements==

All students will be expected to bring their own laptop running a copy of the OWASP Live CD. To expedite course delivery, students should test the functionality of the OWASP Live CD on their system prior to arrival.
http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

==Objectives==
Skill: Intermediate

# In-depth understanding of the software security problem space
# Hands-on experience identifying and remediating OWASP Top 10 vulnerabilities
# Hands-on experience with common software security tools

==Instructor==
'''Instructor: Ben Tomhave ''' Ben Tomhave is a Senior Security Analyst with Gemini Security Solutions in Chantilly, VA, specializing in solutions architecture, security planning, program development and management, and other strategic security solutions. He holds a MS in Engineering Management with an Information Security Management concentration from The George Washington University and is a CISSP.

His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.

[[Category:AppSec_DC_2010_Training]] [[Category:Intermediate_Training]]]

← Older revision		Revision as of 21:26, 10 November 2014
Line 31:		Line 31:
	His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.		His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.

−	[[Category:OWASP/~~Training~~ AppSec_DC_2010]] [[Category:OWASP/~~Training~~ Basic]]	+	[[Category:OWASP Training/AppSec_DC_2010]] [[Category:OWASP Training/Basic]]

← Older revision		Revision as of 20:50, 10 November 2014
Line 31:		Line 31:
	His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.		His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.

−	[[Category:~~AppSec_DC_2010_Training~~]] [[Category:~~Intermediate_Training~~]]	+	[[Category:OWASP/Training AppSec_DC_2010]] [[Category:OWASP/Training Basic]]

← Older revision		Revision as of 14:53, 11 October 2010
Line 31:		Line 31:
	His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.		His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.

−	[[Category:AppSec_DC_2010_Training]] [[Category:Intermediate_Training]]]	+	[[Category:AppSec_DC_2010_Training]] [[Category:Intermediate_Training]]

@@ Line 7: / Line 7: @@
 '''Course Length: 2 Days'''
-This tutorial starts with a description of the security problems faced by today's software developer, as well as a detailed description of how defective software can be exploited. It goes on to provide a thorough description of the best practices available to prevent, detect, and remediate security problems in software. Next, the tutorial includes hands-on design review exercises to reinforce each of the concepts presented, together with dozens of examples of common coding errors (primarily in C/C++ and Java).
+This hands-on tutorial starts with a description of the security problems faced by today's software developer, as well as a detailed description of how defective software can be exploited. It goes on to provide a thorough description of the best practices available to prevent, detect, and remediate security problems in software. Next, the tutorial includes hands-on design review exercises to reinforce each of the concepts presented, together with dozens of examples of common coding errors (primarily in C/C++ and Java).
 ==Student Requirements==
@@ Line 13: / Line 13: @@
 All students will be expected to bring their own laptop running a copy of the OWASP Live CD.  To expedite course delivery, students should test the functionality of the OWASP Live CD on their system prior to arrival.
 http://www.owasp.org/index.php/Category:OWASP_Live_CD_Project

@@ Line 24: / Line 24: @@
 ==Instructor==
-'''Instructor: Ben Tomhave '''  Ben Tomhave is a Senior Security Analyst with Gemini Security Solutions in Chantilly, VA, specializing in solutions architecture, security planning, program development and management, and other strategic security solutions. He holds a MS in Engineering Management with an Information Security Management concentration from The George Washington University and is a CISSP.
+'''Instructor: Ben Tomhave ''' is a Senior Security Analyst with Gemini Security Solutions in Chantilly, VA, specializing in solutions architecture, security planning, program development and management, and other strategic security solutions. He holds a MS in Engineering Management with an Information Security Management concentration from The George Washington University and is a CISSP.
 His experience includes developing and delivering course materials internally and for the formal classroom environment. Course delivery covers areas such as security awareness, information security fundamentals, and application security. Ben has been specially trained and authorized to deliver this program by Ken van Wyk of KRvW Associates, LLC, to clients and AppSec DC 2010 students.
 [[Category:AppSec_DC_2010_Training]] [[Category:Intermediate_Training]]]