OWASP AppSec DC 2012/Training/WebAppSec: Developing Secure Web Applications

Revision as of 19:42, 17 January 2012 by Mark.bristow (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org


Course Length: 1 Day

Web applications continue to be the frontier of wide-spread security breaches. This tutorial will guide through development practices to ensure the security and integrity of web applications, in turn protecting user data and the infrastructure the application runs on. Several attack types and risks will be reviewed (including OWASP?s Top 10), along with how the proper development practices can mitigate their damage. Although examples covered are PHP-based, much of the content is also applicable to other languages. This tutorial was sold out at AppSec USA 2011.

Student Requirements

Laptop Required: Students Need to Bring: chocolate


Audience: Technical, Operations, Enthusiast Skill Level: Intermediate

Attendees will gain the knowledge required to develop secure web applications, along with an understanding of various attack types against web apps and how they are mitigated by the proper coding techniques. The main learning objectives are:
1. Developing the skills for securely coding web applications
2. Reviewing existing web vulnerabilities and their impact
3. Understanding how the proper development techniques mitigates known and some unknown web vulnerabilities

Attendees will also be provided with references for additional information on vulnerabilities, testing tools, etc.


Robert H'obbes' Zakon

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg