This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Bucharest AppSec Conference 2017 Workshops

From OWASP
Revision as of 19:50, 26 June 2017 by Oana Cornea (talk | contribs) (edit3)

Jump to: navigation, search

Workshop

Time Title Trainers Description
3 days training
4th, 5th, 6th of October
daily: 9:00 - 17:00

 Secure Coding for Java
 Robert Seacord Description:
This three-day instructor-led Secure Coding for Java course provides developers with practical guidance for developing Java programs that are robust and secure. Material in this presentation was derived from the Addison-Wesley book The CERT Oracle Secure Coding Standard for Java and is supported by the Secure Coding Rules for Java Live Lessons videos. Participants should come away from the course with a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors.

In particular, participants will learn how to:

  • Explain the need for secure coding Follow fundamental secure coding guidelines
  • Validate and sanitize data
  • Securely deserialize Java streams
  • Securely implement exception handling
  • Predict how the numerical types behave in Java
  • Avoid pitfalls in the use of characters and strings
  • Securely process input and output

Moreover, the course encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow’s attacks, not just today’s.
Intended audience: The course is designed primarily for Java SE 8 developers but should also be useful to developers using older versions of the SE platform as well as Java EE and ME developers.
Skill level: The course assumes basic Java programming skills but does not assume an in-depth knowledge of software security.
Requirements:laptop with Java 8 and an IDE installed

Seats available: 20 (first-come, first served)
Price: 1200 euros/person
Register here

3 days training
4th, 5th, 6th of October
daily: 9:00 - 17:00

 DFIR from Acquisition to Zbot - A comprehensive guide to real world incident handling
 Aaron Goldstein Description: This training will outline a proven approach to resolving incidents in an efficient, consistent manner. Topics will cover everything from evidence acquisition and verification, through hard disk and memory forensic techniques.

The agenda includes the following, typically between 1-2 hours per topic: Evidence acquisition

  • Methodology for acquisition (leave no trace)
  • Media types
  • Hashing and verification
  • Physical vs Logical
  • Standard Imaging Process
  • Special cases (RAID, etc.)
  • Open Source tools and overview (Windows / Linux)

Hard Disk Forensics Part 1

  • File System Types; Forensic Analysis Tools; Forensic areas of interest

Hard Disk Forensics Part 2

  • Registry Analysis: Key locations and format, Forensic areas of interest, NTUSER.DAT, Regripper, Regdecoder
  • Automated Tools

Memory forensics

  • Open Source tools and overview
  • Memory Acquisition
  • Memory analysis with Volatility: Processes: Network Connections, User names / Passwords, Encryption Keys, Registry Hives, Malware

Log Analysis Techniques

  • Common log sources
  • Local vs Centralized Logging
  • Retention
  • Tampering
  • Log analysis tools and techniques

Forensic Timeline Creation and Analysis

  • Log2Timeline

Data Recovery Techniques

  • Manual data carving
  • Automated tools

Malware Analysis

  • Open Source Intelligence Gathering
  • Malware Sandboxing and evasion techniques
  • File Whitelisting

Advanced Persistent Threat

  • What an APT really is
  • Case Study - Operation Cleaver

Anti Forensics

  • Data shredding
  • Steganography
  • Timestamp modification

Intended audience: Security minded individuals with basic level knowledge of linux operating systems.
Outcome: Attendees will gain critical knowledge on how to appropriately triage, and contain an incident using up to date methodology and suggestions from a trainer with extensive background in real world attacks. In addition, several tips and tricks to build and maintain an effective IR team will be provided.
Requirements:laptops for attendees, virtual box installed

Seats available: 20 (first-come, first served)
Price:1200 euros/person
Register here


9:00 - 17:00
Description:

Outcome:

Intended Audience:
Requirements:

Seats available: 20 (first-come, first served)
Price: 200 euros/person
[Registration link: TBD]

9:00 - 17:00
Description:

Outcome: Intended Audience:

Skill Level:
Requirements:

Seats available: 20 (first-come, first served)
Price: 200 euros/person
[Registration link: TBD]

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2017_Workshops&oldid=230997"