Filtering by: Development
DevSecOps - SDLC Process
Oct
7
7:30 AM07:30

DevSecOps - SDLC Process

Presenter:  notsosecure

Tracks:  Pentesting, Application Security

Format: 1 Day Training

Create a security culture/mindset amongst the already integrated “DevOps” team.

  • Find and fix security bugs as early in SDLC as possible.

  • The culture promotes the philosophy “security is everyone’s problem”.

  • Integrate all security software centrally and utilize the results more effectively.

  • Measure and shrink the attack surface.

 DevSecOps extends DevOps by introducing security early into the SDLC process, thereby  minimizing the security vulnerabilities and enhancing the software  security posture. In this workshop we will show how this can be achieved through a series of live demonstrations and practical examples.

View Event →
AppSec for Developers
Oct
8
to Oct 9

AppSec for Developers

Presenter: notsosecure

Tracks:  Application Security, Development

Format: 2 Day Training

·         Covers industry standards such as OWASP top 10 with practical demonstration of vulnerabilities complemented with hands-on lab practice.

·         Provides insights into the latest security vulnerabilities (such as host header injection, XML external entity injection,attacks on JWT tokens,known plaintext attacks, deserialization vulnerabilities).

·         Offers thorough guidance on best security practices (Introduction to various security frameworks and tools and techniques for secure application development).

·         Makes real-world analogies for each vulnerability explained (Understand and appreciate why Facebook would pay $33,000 for XML Entity Injection vulnerability?).

·         Provides online labs for hands-on practice during and after the course (2 Days)

 

 

View Event →