This event has ended

Free OWASP Training

OWASP Foundation

Monday, February 24, 2014 from 2:00 PM to 7:00 PM (PST)

San Francisco, CA

Ticket Information

Ticket Type Sales End Quantity
3 Hour Training 2pm - 5pm Ended Free  
OWASP Social Event - sponsored by the OWASP Bay Area Chapter 5pm - 7pm Ended Free  
OWASP is supported by your donations. Please consider giving a suggested donation of $30 Ended

Share Free OWASP Training

Event Details

Application Security – Where do I start?

Writing Secure code is the most effective method to securing your web applications. Writing secure code takes skill and know- how but results in a more stable and robust application and assists in protecting an organizations brand. Application security is not commonly a part of many computer science curricula today and most organizations have not focused on instituting a culture that includes application security as a core part of their software development training efforts.

This intensive boot-camp focuses on the most common web application security problems, including aspects of both the OWASP Top Ten (2010) and the MITRE Top 25. The course will introduce and demonstrate application assessment techniques, illustrating how application vulnerabilities can be exploited so students really understand how to avoid introducing such vulnerabilities in their code and understand fixes.

• 3 hour training session covering:

  • In-depth XSS attacks and defense, including interactive labs and demos.

  • Introducing students to both server side encoding using ESAPI (Java) and client side controls such as ESAPI4JS with code examples.

  • Injection theory and defenses for both client and server with code examples.

  • SQL Injection attacks, theory and defense with Labs covering typical SQL injection and

    more advanced OS/Command Injection attacks with code examples.

  • Comprehensive section covering crypto implementation techniques, best practice and pitfalls with code examples.

  • CSRF attacks and defense including Labs/Demos with code examples.

  • ClickJacking – What is it, why should I care? Defense and Labs/Demos

  • Web access control and authorization best practice with code examples.

  • Authentication best practice with code examples.

  • This class has been delivered to over 1000 people since 2011 including RSA 2013, RSA EU 2014, LASCON, AppSec EU, AppSec USA

  • This class is free to all whom attend. It is supporting part of the OWASP mission to educate developers and testers alike in secure code techniques. 

About the Trainers

Jim Manico

Independent training consultant and has been a web application developer since 1997.

He has also been an active member of OWASP since 2008 supporting projects that help developers write secure code.

Jim lives in Hawaii and California, USA


Eoin Keary

Eoin Keary is the CTO and founder of BCC Risk Advisory Ltd and an international board member of OWASP.

He has also led global security engagements for some of the world’s largest financial services and consumer products companies. He has over 15 years expereince in software development and application security

He is a well known technical leader in industry in the area of software security and penetration testing. He previously lead the OWASP code review and testing projects and is focused on software security. Eoin lives in Dublin ,Ireland. (Not as nice as Hawaii....)


Have questions about Free OWASP Training? Contact OWASP Foundation

When & Where


Jillian's Billiards Club
175 4th St
San Francisco, CA 94103

Monday, February 24, 2014 from 2:00 PM to 7:00 PM (PST)


  Add to my calendar

Organizer

OWASP Foundation

The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks.

  Contact the Organizer

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.