Secure Development

By Laura Bell

Software security vulnerabilities are big business for potential attackers. Identifying them early and knowing what common pitfalls to avoid can make a big difference to the resilience of your applications. The Secure Development course will help you to understand, identify and avoid common software security vulnerabilities in your code.

This 2-day course provides an engaging and practical way to learn about software security vulnerabilities at a pace that suits your organisation.

Syllabus

This course is aligned with the Open Web Application Security Project (OWASP) top 10 application security vulnerabilities. These include:

  1. Injection

  2. Broken Authentication and Session Management

  3. Cross-Site Scripting (XSS)

  4. Insecure Direct Object References

  5. Security Misconfiguration

  6. Sensitive Data Exposure

  7. Missing Function Level Access Control

  8. Cross-Site Request Forgery (CSRF)

  9. Using Components with Known Vulnerabilities

  10. Unvalidated Redirects and Forwards

In addition to these vulnerabilities, students will gain skills and experience with the following:

  • Security mindset and hacker motivations

  • Popular security testing tools

  • Security threat assessment and code review

This course is designed to be hands-on and interactive. Lecture material is combined with a range of custom-built labs to test students and let them experiment with the vulnerabilities in action.

Who will benefit the most from this course 

Anyone interested in secure software development, threat assessment and code review. Some programming knowledge is assumed. If you are worried about having the prerequisite knowledge for this course, note that no pre-course material will be sent out, as you only need some programming knowledge. Make sure you're at the venue by 8:45am to start the course.

About the Trainer

With almost a decade of experience in software development and information security, Laura Bell specializes in bringing security survival skills, practices, and culture into fast-paced organisations of every shape and size. An experienced conference speaker, trainer, and regular panel member, Laura has spoken at a range of events such as BlackHat USA, Velocity, OSCON, Kiwicon, Linux Conf AU, and Microsoft TechEd on the subjects of privacy, covert communications, agile security, and security mindset. She is also the co-author of Agile Application Security, published by O'Reilly Media, and a regular writer for a range of blogs and magazines on security issues.

Laura is the founder of SafeStack, a specialist security training, development, and consultancy firm. She lives in Auckland, New Zealand with her daughter.

@lady_nerd
