This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Bucharest AppSec Conference 2018 Training2"
From OWASP
Oana Cornea (talk | contribs) |
Oana Cornea (talk | contribs) (edit6) |
||
| Line 7: | Line 7: | ||
| style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description''' | | style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description''' | ||
|- | |- | ||
| − | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 2 days training <br> 25th | + | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 2 days training <br> 24th and 25th of October <br> daily: 9:00 - 17:00<br><br> |
| − | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Secure Web Applications in Java |
| − | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | | + | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | [http://ro.linkedin.com/in/scrissti Cristian Serban] and [https://ro.linkedin.com/in/luciansuta Lucian Suta] |
| − | | style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="justify" colspan="0" | '''Description:''' | + | | style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="justify" colspan="0" | '''Description:''' Everybody is familiar with OWASP Top 10, but how is that applicable when you write Java web applications and web services using the Spring Framework? In this course we will look at the security features built into this commonly-used Java framework, how security holes in your application look from the point of view of a hacker, and how to apply security principles such as ‘defense in depth’ in order to build robust applications. Together we will build a web application in stages, adding successive layers of functionality and security, and in the process we will develop secure coding testing skills, uncover and protect against some of the most common vulnerabilities in Java code. |
| − | Topics covered: | + | Topics covered: |
Day 1: | Day 1: | ||
| − | * | + | * Simple REST API, database access, subresource integrity, CSP, parameter validation, output encoding, form-based login, access control, method security, CSRF |
| − | |||
Day 2: | Day 2: | ||
| − | * | + | * Remember me functionality, LDAP login, OAuth 2.0 login, custom authentication, CORS, SSL, self-signed certificates, Let’s Encrypt, hashing, encryption |
| − | + | ||
<br> | <br> | ||
'''Intended audience:''' <br> | '''Intended audience:''' <br> | ||
| Line 25: | Line 24: | ||
'''Seats available: '''20 (first-come, first served)<br> | '''Seats available: '''20 (first-come, first served)<br> | ||
'''Price: 650 euros/person'''<br> | '''Price: 650 euros/person'''<br> | ||
| − | [ Register here] | + | [https://www.eventbrite.com/e/owasp-bucharest-appsec-conference-2018-tickets-47960216298#tickets Register here] |
|} | |} | ||
Revision as of 19:28, 8 August 2018
Training | |||||
| Time | Title | Trainers | Description | ||
| 2 days training 24th and 25th of October daily: 9:00 - 17:00 |
Secure Web Applications in Java | Cristian Serban and Lucian Suta | Description: Everybody is familiar with OWASP Top 10, but how is that applicable when you write Java web applications and web services using the Spring Framework? In this course we will look at the security features built into this commonly-used Java framework, how security holes in your application look from the point of view of a hacker, and how to apply security principles such as ‘defense in depth’ in order to build robust applications. Together we will build a web application in stages, adding successive layers of functionality and security, and in the process we will develop secure coding testing skills, uncover and protect against some of the most common vulnerabilities in Java code.
Topics covered: Day 1:
Day 2:
| ||
