This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP NZ Day 2019-Training-Are You a Secure Code Warrior"
John dileo (talk | contribs) |
John dileo (talk | contribs) |
||
Line 57: | Line 57: | ||
'''Instructor:''' Jaap Karan Singh | '''Instructor:''' Jaap Karan Singh | ||
− | '''Instructor's Organisation:''' Secure Code Warrior | + | '''Instructor's Organisation:''' [https://securecodewarrior.com/ Secure Code Warrior] |
== Your Instructor == | == Your Instructor == | ||
'''Jaap Karan Singh''' - Jaap is the co-founder of Secure Code Warrior, a global security company that makes software development better and more secure. After security testing at BAE Systems in Australia, Jaap moved from hacking web applications to educating developers on how to protect their own applications. | '''Jaap Karan Singh''' - Jaap is the co-founder of Secure Code Warrior, a global security company that makes software development better and more secure. After security testing at BAE Systems in Australia, Jaap moved from hacking web applications to educating developers on how to protect their own applications. |
Revision as of 22:19, 7 January 2019
Are You a Secure Code Warrior?
Hands-On Training -- OWASP New Zealand Day-2019
This session offers participants a hands-on, gameified training environment where they compete against each other to become the ultimate ‘Secure Code Warrior.’
Participants can first select from various software languages to compete in a tournament, including Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Node.Js and more.
Challenges will be based on the OWASP Top 10 Web App vulnerabilities. Participants will work on code snippets; trying to locate, identify and fix vulnerabilities within each code snippet. The difficulty will range from easy to hard, but hints and learning components are available during the tournament.
Participants can earn points and watch as they climb to the top of the leaderboard, and be crowned the ‘Secure Code Warrior.’ The winner is selected according to points, accuracy and progress during the game and there will be prizes awarded to the top 3 winners.
If you do not wish to participate in the tournament but are keen on learning more secure coding techniques, you are welcome to come along and complete challenges at your leisure on our training platform.
Learning Objectives
In this course, attendees can expect to:
- Learn how to code securely and avoid introducing security issues in code
- Learn how to identify vulnerabilities in code
- Learn how to fix existing vulnerabilities in code
- Learn about the most common mistakes developers make in code, including the OWASP Top Ten
- Understand that there are different ways of coding securely, but that some solutions are actually better than others
Course Topics
The proposed outline for this course is as follows:
- Introduction to application security
- Introduction to the OWASP Top Ten
- Introduction to the most common vulnerabilities:
- SQL injection
- Cross-site scripting (XSS)
- Command Execution
- Find, fix and learn: Play the tournament and win prizes or learn at your own pace by completing challenges in the training platform.
- Winner presentation
Course Details
Date: Thursday, 21 February 2019
Time: 8:45 a.m. to 12:30 pm.
Course Fee: $250.00 (NZD)
Registration Site: https://owaspnz2019-training.eventbrite.com
Location: University of Auckland School of Business, 12 Grafton Road, Auckland - Lower Level
Target Audience: Web Developers, Software Engineers, Application Security Professionals
Skill Level: Basic - All levels of coder are welcome
Required Materials: Each attendee is required to bring their own laptop computer
Instructor: Jaap Karan Singh
Instructor's Organisation: Secure Code Warrior
Your Instructor
Jaap Karan Singh - Jaap is the co-founder of Secure Code Warrior, a global security company that makes software development better and more secure. After security testing at BAE Systems in Australia, Jaap moved from hacking web applications to educating developers on how to protect their own applications.