This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Bucharest AppSec Conference 2017 Training1"
Oana Cornea (talk | contribs) (edit) |
Oana Cornea (talk | contribs) |
||
Line 7: | Line 7: | ||
| style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description''' | | style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description''' | ||
|- | |- | ||
− | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 1 day training <br> | + | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 1 day training <br> 12th of October<br>daily: 9:00 - 17:00<br><br> |
| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | OWASP Top 10 vulnerabilities – discover, exploit, remediate<br> | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | OWASP Top 10 vulnerabilities – discover, exploit, remediate<br> | ||
Line 57: | Line 57: | ||
[https://www.eventbrite.com/e/owasp-bucharest-appsec-conference-2017-tickets-35356670754 Register here] | [https://www.eventbrite.com/e/owasp-bucharest-appsec-conference-2017-tickets-35356670754 Register here] | ||
|- | |- | ||
− | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 1 day training <br> | + | | style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 1 day training <br> 11th of October<br>daily: 9:00 - 17:00<br><br> |
| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Introduction to Metasploit Framework<br> | | style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | Introduction to Metasploit Framework<br> | ||
Revision as of 14:13, 11 August 2017
Training | |||||
Time | Title | Trainers | Description | ||
1 day training 12th of October daily: 9:00 - 17:00 |
OWASP Top 10 vulnerabilities – discover, exploit, remediate |
Adrian Furtună – Founder & Ethical Hacker – VirtualStorm Security and Ionuţ Ambrosie – Security Consultant – KPMG Belgium |
Description: The overall objective of this workshop is to increase the participants’ awareness on the most common web application vulnerabilities and their associated risks. We will discuss each type of vulnerability described in the OWASP Top 10 project and will teach participants manual discovery and exploitation techniques. Furthermore, a set of useful security testing tools will be introduced during the workshop. This is a hands-on workshop where participants will learn how to:
Moreover, we will discuss ways in which security can be better integrated into the software development lifecycle and how the OWASP Top 10 vulnerabilities can be avoided, identified early on or mitigated before they reach production environments.
Seats available: 20 (first-come, first served) | ||
1 day training 12th of October daily: 9:00 - 17:00 |
Time critical DFIR: Key playbooks, techniques and tools for time-pressured investigations of security incidents |
Teodor Cimpoesu - Senior Manager Cyber Risk Advisory | Description: This course provides responders and threat hunting teams with advanced skills to hunt down, identify, counter, and recover from a wide range of threats within enterprise networks. Topics:
Intended audience: Digital Forensic Analysts, IR Team Members, Penetration Testers, Exploit Developers, Red Team members | ||
1 day training 11th of October daily: 9:00 - 17:00 |
Introduction to Metasploit Framework |
Adrian Ifrim - Senior Consultant Cyber Risk Services | Description: Metasploit is one, if not the most, widely used tool for penetration testing, providing powerful attack simulations, security assessment management, and post exploitation resources. Metasploit’s capabilities are wide, and this class will help you to prepare to run vulnerability assessments for organizations of any size. In this course, we will teach how to use Metasploit to enumerate available services, identify potential weaknesses, test vulnerabilities through exploitation, and gather evidence for reporting. You will learn how to install and configure the Metasploit Framework and several supporting tools on Kali Linux. At the end of the course you will have a better understanding on how exploits and payloads work together to gain access to systems. Intended audience: Penetration testers, Vulnerability assessment personnel, Auditors, Security engineers, Security researchers |