This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP NZ Day 2019-Training-Are You a Secure Code Warrior

From OWASP
Revision as of 22:39, 8 January 2019 by John dileo (talk | contribs) (fixed typo)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Are You a Secure Code Warrior?

Hands-On Training -- OWASP New Zealand Day-2019

This session offers participants a hands-on, gamified training environment where they compete against each other to become the ultimate ‘Secure Code Warrior.’

Participants can first select from various software languages to compete in a tournament, including Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Node.Js and more.

Challenges will be based on the OWASP Top 10 Web App vulnerabilities. Participants will work on code snippets; trying to locate, identify and fix vulnerabilities within each code snippet. The difficulty will range from easy to hard, but hints and learning components are available during the tournament.

Participants can earn points and watch as they climb to the top of the leaderboard, and be crowned the ‘Secure Code Warrior.’ The winner is selected according to points, accuracy and progress during the game and there will be prizes awarded to the top 3 winners.

If you do not wish to participate in the tournament but are keen on learning more secure coding techniques, you are welcome to come along and complete challenges at your leisure on our training platform.

Learning Objectives

In this course, attendees can expect to:

  • Learn how to code securely and avoid introducing security issues in code
  • Learn how to identify vulnerabilities in code
  • Learn how to fix existing vulnerabilities in code
  • Learn about the most common mistakes developers make in code, including the OWASP Top Ten
  • Understand that there are different ways of coding securely, but that some solutions are actually better than others

Course Topics

The proposed outline for this course is as follows:

  • Introduction to application security
  • Introduction to the OWASP Top Ten
  • Introduction to the most common vulnerabilities:
    • SQL injection
    • Cross-site scripting (XSS)
    • Command Execution
  • Find, fix and learn: Play the tournament and win prizes or learn at your own pace by completing challenges in the training platform.
  • Winner presentation

Course Details

Date: Thursday, 21 February 2019

Time: 8:45 a.m. to 12:30 pm.

Course Fee: $250.00 (NZD)

Registration Site: https://owaspnz2019-training.eventbrite.com

Location: University of Auckland School of Business, 12 Grafton Road, Auckland - Lower Level

Target Audience: Web Developers, Software Engineers, Application Security Professionals

Skill Level: Basic - All levels of coder are welcome

Required Materials: Each attendee is required to bring their own laptop computer

Instructor: Jaap Karan Singh

Instructor's Organisation: Secure Code Warrior

Your Instructor

Jaap Karan Singh - Jaap is the co-founder of Secure Code Warrior, a global security company that makes software development better and more secure. After security testing at BAE Systems in Australia, Jaap moved from hacking web applications to educating developers on how to protect their own applications.

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_NZ_Day_2019-Training-Are_You_a_Secure_Code_Warrior&oldid=246471"