A practical, interactive workshop, introducing and exploring web application security challenges
Anyone interested in developing their technical and security testing skills
Laptop, Docker, TicketMagpie, Zed Attack Proxy or BurpSuite Free
We know that application security is important. We have to protect our customers' data and our employers' data while keeping our systems up and running. But do we have the skills and knowledge to meet that challenge?
During this workshop, we will explore some of the skills, and techniques of security testing by working with a vulnerable web application. Through interactive hands-on learning, we will discover the key security issues that affect web applications today. Testers will learn skills to identify software vulnerabilities and understand common threats and risks that occur in web-applications. We will also examine some of the tools and utilities that can enhance and extend security testing efforts.
Building upon personal experience of integrating security testing into an existing organisation, incorporating DevOps, continuous delivery and integration, this workshop will highlight and discuss the reflections of learning from hackers, recent breaches and the socio-economic, political and technical impact upon software development organisations. Attendees will take away a set of advice and techniques to incorporate and enable security testing into their day to day work, answering some of the questions that may arise around scope, skills, tools, models and learning.
30-min New Voice Talk
30-minute Talk
30-min New Voice Talk