Finding and Fixing Web Application Security Vulnerabilities
Two-Day Interactive (Classroom) Training - AppSec New Zealand Conference 2021
UPDATE: Due to an issue with the primary instructor’s availability, this class has been cancelled.
Abstract
Software security vulnerabilities are big business for potential attackers. Identifying them early and knowing what common pitfalls to avoid can make a big difference to your resilience. This course will help you to understand, identify and avoid common software security vulnerabilities.
Course Details
Dates: Wednesday and Thursday, 10-11 February 2021
Time: 8:45 a.m. to 5:30 p.m. (NZDT), each day
Instructors: Laura Bell and Toni James, SafeStack Academy
Course Fee: NZ $1,150.00 (plus GST and ticketing fees)
Registration Site: https://events.humanitix.com/appsecnz-training
Maximum Enrolment: 65 attendees
Attendees Should Bring:
- Any laptop that can run an updated web browser (Chrome or Firefox)
Course Outline
This course is aligned with the Open Web Application Security Project® (OWASP) Top 10 Web Application security vulnerabilities. These include:
- Injection
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Using Components with Known Vulnerabilities
In addition to these vulnerabilities, students will gain skills and experience with the following:
- Security mindset and hacker motivations
- Popular security testing tools
- Security threat assessment and code review
This course is designed to be hands-on and interactive. Lecture material is combined with a range of custom-built labs to test students and let them experiment with the vulnerabilities in action.
Your Instructors
Laura Bell
With almost a decade of experience in software development and information security, Laura Bell specializes in bringing security survival skills, practices, and culture into fast-paced organisations of every shape and size. An experienced conference speaker, trainer, and regular panel member, Laura has spoken at a range of events such as BlackHat USA, Velocity, OSCON, Kiwicon, Linux Conf AU, and Microsoft TechEd on the subjects of privacy, covert communications, agile security, and security mindset. She is also the co-author of Agile Application Security, published by O’Reilly Media, and a regular writer for a range of blogs and magazines on security issues.
Laura is the founder of SafeStack, a specialist security training, development, and consultancy firm. Twitter: @lady_nerd
Toni James
Toni is a security consultant, software engineer, conference organiser, committee member, speaker, and diversity and inclusion advocate.
She’s an avid snowboarder and mountain biker with her human and fur family in the Korowai mountains of New Zealand. You can find her running the Christchurch Hacker Conference, attending ISIG and Canterbury Tech meetups, or chatting with the Hacker Book Club crew. Twitter: @_tonijames