This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Bucharest AppSec Conference 2018 Training2"
From OWASP
Oana Cornea (talk | contribs) (edit6) |
Oana Cornea (talk | contribs) |
||
| Line 10: | Line 10: | ||
| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Secure Web Applications in Java | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Secure Web Applications in Java | ||
| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | [http://ro.linkedin.com/in/scrissti Cristian Serban] and [https://ro.linkedin.com/in/luciansuta Lucian Suta] | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | [http://ro.linkedin.com/in/scrissti Cristian Serban] and [https://ro.linkedin.com/in/luciansuta Lucian Suta] | ||
| − | | style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="justify" colspan="0" | '''Description:''' Everybody is familiar with OWASP Top 10, but how is that applicable when you write Java web applications and web services using the Spring Framework? In this course we will look at the security features built into this commonly-used Java framework, how security holes in your application look from the point of view of a hacker, and how to apply security principles such as ‘defense in depth’ in order to build robust applications. Together we will build a web application in stages, adding successive layers of functionality and security, and in the process we will develop secure coding testing skills, uncover and protect against some of the most common vulnerabilities in Java code. | + | | style="width:40%" valign="middle" height="30" bgcolor="#CCEEEE" align="justify" colspan="0" | '''Description:''' <br>Everybody is familiar with OWASP Top 10, but how is that applicable when you write Java web applications and web services using the Spring Framework? In this course we will look at the security features built into this commonly-used Java framework, how security holes in your application look from the point of view of a hacker, and how to apply security principles such as ‘defense in depth’ in order to build robust applications. Together we will build a web application in stages, adding successive layers of functionality and security, and in the process we will develop secure coding testing skills, uncover and protect against some of the most common vulnerabilities in Java code. |
Topics covered: | Topics covered: | ||
Day 1: | Day 1: | ||
| Line 16: | Line 16: | ||
Day 2: | Day 2: | ||
* Remember me functionality, LDAP login, OAuth 2.0 login, custom authentication, CORS, SSL, self-signed certificates, Let’s Encrypt, hashing, encryption | * Remember me functionality, LDAP login, OAuth 2.0 login, custom authentication, CORS, SSL, self-signed certificates, Let’s Encrypt, hashing, encryption | ||
| − | |||
<br> | <br> | ||
| − | '''Intended audience:''' <br> | + | '''Intended audience:''' software developers, security people with some programming experience<br> |
| − | '''Skill level: '''<br> | + | '''Skill level: '''HTTP (intermediate), Java programming (intermediate)<br> |
| − | '''Requirements: ''' | + | '''Requirements: '''laptop, JDK 8+, Maven, ZAP, GIT, some text editor such as Visual Studio Code |
<br> | <br> | ||
'''Seats available: '''20 (first-come, first served)<br> | '''Seats available: '''20 (first-come, first served)<br> | ||
Revision as of 19:29, 8 August 2018
Training | |||||
| Time | Title | Trainers | Description | ||
| 2 days training 24th and 25th of October daily: 9:00 - 17:00 |
Secure Web Applications in Java | Cristian Serban and Lucian Suta | Description: Everybody is familiar with OWASP Top 10, but how is that applicable when you write Java web applications and web services using the Spring Framework? In this course we will look at the security features built into this commonly-used Java framework, how security holes in your application look from the point of view of a hacker, and how to apply security principles such as ‘defense in depth’ in order to build robust applications. Together we will build a web application in stages, adding successive layers of functionality and security, and in the process we will develop secure coding testing skills, uncover and protect against some of the most common vulnerabilities in Java code. Topics covered: Day 1:
Day 2:
| ||
