This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP AppSec Conference Training"
m (→T3. Defensive Programming - 2-Day Course - Oct 9-10, 2008) |
m (→T5. Advanced Testing - 1-Day Course - Oct 10, 2008) |
||
Line 160: | Line 160: | ||
Registration is available via the OWASP Conference Cvent site at: | Registration is available via the OWASP Conference Cvent site at: | ||
+ | |||
+ | |||
'''Tutorial Provider''' | '''Tutorial Provider''' | ||
− | |||
This tutorial is provided by longtime OWASP contributor: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif] | This tutorial is provided by longtime OWASP contributor: [http://www.aspectsecurity.com http://www.owasp.org/images/d/d1/Aspect_logo.gif] | ||
== T6. TBD == | == T6. TBD == |
Revision as of 21:45, 28 February 2008
- 1 OWASP AppSec 2008 Training Courses - October 9-10, 2008
- 2 T1. Building and Testing Secure Web Applications - 2-Day Course - Oct 9-10, 2008
- 3 T2. Application Security Forensics - 1-Day Course - Oct 10, 2008
- 4 T3. Defensive Programming - 2-Day Course - Oct 9-10, 2008
- 5 T4. Leader Management - 1-Day Course - Oct 9, 2008
- 6 T5. Advanced Testing - 1-Day Course - Oct 10, 2008
- 7 T6. TBD
OWASP AppSec 2008 Training Courses - October 9-10, 2008
OWASP has arranged to have xx 2-day and xx 1-day Application Security training courses following the conference.
Three courses will be provided by a long time contributor to OWASP, Aspect Security. One course will be provided by a Pravir Chandra, Project lead of the OWASP Clasp Project. Another course will be presented by the FBI.
These courses are being offered to attendees of the OWASP conference at a significant discount to their standard commercial price. Most of the course fee will go to OWASP to support the OWASP Foundation's efforts.
T1
|
Building and Testing Secure Web Applications
|
---|---|
T2
|
Application Security Forensics
|
T3
|
Defensive Programming
|
T4
|
Leader Management
|
T5
|
Advanced Testing
|
T6
|
TBD
|
Pricing
$995 for 1-Day Training Course
$1995 for 2-Day Training course
Location
At Pace University in New York. Same location as the conference.
Course Times
Each class begins at xx AM and runs until xx PM each day.
Registration
Registration is available via the OWASP Conference Cvent site at:
T1. Building and Testing Secure Web Applications - 2-Day Course - Oct 9-10, 2008
Course Overview
This powerful two-day course focuses on the most common web application security problems, including the OWASP Top Ten. The course will introduce and demonstrate hacking techniques, illustrating how easily application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities into their code.
Lecturer: Rogan Dawes, Project Lead OWASP WebScarab Project, Consultant, Aspect Security
Registration
Registration is available via the OWASP Conference Cvent site at:
Tutorial Provider
This tutorial is provided by longtime OWASP contributor:
T2. Application Security Forensics - 1-Day Course - Oct 10, 2008
Course Overview
How would you respond to a application security hack? This course will provide insight into the world or forensics with a focus on Web Application Security
Registration
Registration is available via the OWASP Conference Cvent site at:
Tutorial Provider
This tutorial is provided by the FBI.
T3. Defensive Programming - 2-Day Course - Oct 9-10, 2008
Course Overview
This class will teach you how to program defensively. A must for developers, managers, testers and security professionals. Learn the latest techniques to build attack resistant code, protect from current and future vulnerabilities and how to secure an application from both implementation bugs and design flaws.
Details
Day One
Understanding the platform,
Language design considerations,
Memory management features,
Browser security model,
Handling Input and Output Securely,
Interfacing with a database,
Understanding the control and data planes,
Handling user input,
Character representation and encoding,
Determinism and Concurrency,
Acting on resource properties,
Reliable locking schemes,
Shared system resources,
Session Management,
Random numbers and temporary files,
Day Two:
Safe Error Handling and Logging,
Error/exception handling,
Numeric data types,
Programmatic checks and assertions,
Audit Logging,
Debug Code,
Information Leakage,
Engineering for Security Features,
Applying cryptography,
Authentication and authorization,
Managing application state,
Secrets inside code,
Using privileged code,
Designing hardened interfaces,
Software Security in Operations,
Network Infrastructure,
Configuration of web apps,
Application Packaging,
Code Signing,
Managing Key Material,
Reference
Registration
Registration is available via the OWASP Conference Cvent site at:
Tutorial Provider
This tutorial is provided by Pravir Chandra, a well known security expert, project lead for OWASP CLASP project and former co-founder & CTO of secure software
T4. Leader Management - 1-Day Course - Oct 9, 2008
Course Overview
Registration
Registration is available via the OWASP Conference Cvent site at:
Tutorial Provider
This tutorial is provided by longtime OWASP contributor:
T5. Advanced Testing - 1-Day Course - Oct 10, 2008
Course Overview
Registration
Registration is available via the OWASP Conference Cvent site at:
Tutorial Provider
This tutorial is provided by longtime OWASP contributor:
T6. TBD
This category currently contains no pages or media.