Software Security Remediation: How to Fix Application Vulnerabilities - Revision history

Achim: category OWASP/Training changed to OWASP Training

2014-11-10T21:25:36Z

category OWASP/Training changed to OWASP Training

Achim: category changed to OWASP/Training AppSec_DC_2010

2014-11-10T20:50:36Z

category changed to OWASP/Training AppSec_DC_2010

Mark.bristow: Created page with 'NOTOC link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

2010-09-22T21:49:08Z

Created page with '__NOTOC__ link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

New page

__NOTOC__
[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]

[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
<br>
==Description==
'''Course Length: 1 Day'''

This class teaches attendees how to fix security vulnerabilities in existing software. It provides a mix of discussion of project concerns for planning and managing remediation efforts with hands-on coding examples fixing specific vulnerabilities. Attendees will learn how to risk-rank vulnerabilities, estimate remediation tasks, perform coding fixes for vulnerabilities and demonstrate the effectiveness of fixes applied. The focus is on the practical: how to use limited resources to make significant improvements to the security of target applications. Code examples use the OWASP ESAPI Java and Microsoft Web Protection Library. Many classes teach developers how to build secure code from the ground up or teach security analysts how to test applications for security vulnerabilities. This class teaches developers and security analysts how to deal with their existing portfolio of insecure applications.

==Student Requirements==

Attendees will need laptops with the ability to run a VMWare image that will be provided.

==Objectives==
Skill: Intermediate

# How to scope and plan software security remediation projects
# Code-level techniques to fix code containing common vulnerabilities
# How to demonstrate the software security fixes were effective

==Instructor==
'''Instructor: Dan Cornell''' Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.

[[Category:AppSec_DC_2010_Training]] [[Category:Intermediate_Training]]]

← Older revision		Revision as of 21:25, 10 November 2014
Line 24:		Line 24:
	'''Instructor: Dan Cornell''' Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.		'''Instructor: Dan Cornell''' Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.

−	[[Category:OWASP/~~Training~~ AppSec_DC_2010]] [[Category:OWASP/~~Training~~ Basic]]	+	[[Category:OWASP Training/AppSec_DC_2010]] [[Category:OWASP Training/Basic]]

← Older revision		Revision as of 20:50, 10 November 2014
Line 24:		Line 24:
	'''Instructor: Dan Cornell''' Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.		'''Instructor: Dan Cornell''' Dan Cornell has over twelve years of experience architecting and developing web-based software systems. As Principal of Denim Group, he leads the organization’s technology team overseeing methodology development and project execution for Denim Group’s customers. He also heads the Denim Group security research team, investigating the application of secure coding and development techniques to the improvement of web-based software development methodologies.

−	[[Category:~~AppSec_DC_2010_Training~~]] [[Category:~~Intermediate_Training]~~]]	+	[[Category:OWASP/Training AppSec_DC_2010]] [[Category:OWASP/Training Basic]]

Software Security Remediation: How to Fix Application Vulnerabilities - Revision history

Achim: category OWASP/Training changed to OWASP Training

Achim: category changed to OWASP/Training AppSec_DC_2010

Mark.bristow: Created page with '__NOTOC__ link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'

Mark.bristow: Created page with 'NOTOC link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010 [https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=…'