This rapid immersion class is for experienced web application software developers who want to take a quick but deep dive into the biggest web application security issues. The class is built extensively around a series of hands-on lab exercises in which the students first learn first-hand the details of today's biggest web application security defects and how to exploit them. This is immediately followed by a set of labs in which the students learn to remediate those same defects by implementing appropriate fixes in a JavaEE-based web application. This rapid fire approach to breaking and then fixing the security on an actual web application enables students to deeply understand and internalize the biggest security problems faced by today's web application developers.
Experience with developing web applications in Java
3 Days/Lecture & Lab
Web application Developers, Designers and Architects
- Class introduction and setup
- Breaking web application security
- Coding labs - fixing web application security
- Design Reviews Using Threat Modeling
- Conducting Effective Code Reviews
- Security Testing
- Contest - The Challenge!
- Questions and Answers
- Class Close