Software security vulnerabilities are big business for potential attackers. Identifying them early and knowing what common pitfalls to avoid can make a big difference to your resilience. This course will help you to understand, identity and avoid common software security vulnerabilities.
Dates: Wednesday and Thursday, 10-11 February 2021
Time: 8:45 a.m. to 5:30 p.m. (NZDT), each day
Instructor: Laura Bell, SafeStack
Course Fee: NZ $1,150.00 (plus GST and ticketing fees)
Registration Site: https://events.humanitix.com/appsecnz-training
Maximum Enrolment: 65 attendees
Attendees Should Bring:
- Any laptop that can run an updated web browser (Chrome or Firefox)
This course is aligned with the Open Web Application Security Project® (OWASP) Top 10 Web Application security vulnerabilities. These include:
- Broken Authentication and Session Management
- Cross-Site Scripting (XSS)
- Insecure Direct Object References
- Security Misconfiguration
- Sensitive Data Exposure
- Using Components with Known Vulnerabilities
In addition to these vulnerabilities, students will gain skills and experience with the following:
- Security mindset and hacker motivations
- Popular security testing tools
- Security threat assessment and code review
This course is designed to be hands on and interactive. Lecture material is combined with a range of custom built labs to test students and let them experiment with the vulnerabilities in action.
With almost a decade of experience in software development and information security, Laura Bell specializes in bringing security survival skills, practices, and culture into fast paced organisations of every shape and size. An experienced conference speaker, trainer, and regular panel member, Laura has spoken at a range of events such as BlackHat USA, Velocity, OSCON, Kiwicon, Linux Conf AU, and Microsoft TechEd on the subjects of privacy, covert communications, agile security, and security mindset. She is also the co-author of Agile Application Security, published my O’Reilly Media, and a regular writer for a range of blogs and magazines on security issues.