Web Application Security 101
This highly interactive, intensive 2-day workshop provides essential web application security training for institution IT staff and software developers.
The workshop will cover the security aspects required to develop a secure Internet-facing application, how to code securely in order to help prevent security vulnerabilities, and how to test for security vulnerabilities. The workshop will introduce core concepts in relation to secure application development and associated vulnerabilities, and discuss prevention techniques and how to test for and detect security issues throughout the development lifecycle.
Course details
- Running: Thursday 19th and Friday 20th July
- Duration: 2 days, from 09:30 to 16:30
- Location: HEAnet Offices, Dublin
- Fee: €300 per delegate.
Topics Covered:
Day 1:
- HTTP security basics and tools for testing
- Input validation theory, techniques and associated vulnerabilities
- SQL Injection, Command Injection, XSS
- Output Encoding theory, techniques and associated vulnerabilities, DOM XSS
- Authorisation best practice & CSRF attacks
Day 2:
- Authentication best practice
- Session Management / Cookie security best practice
- Logging best practice
- Error Handling
- Client-Side Security – Click-Jacking, CSP
- Security in the SDL (Systems Development Lifecycle)
All delegates will receive a workbook and software.
Lunch and refreshments will be provided.
Requirements:
This workshop is fully hands-on and requires delegates to bring a laptop running Windows XP or higher, with a USB slot to install the lab software.
About Instructor:
Eoin Keary CISSP, CISA.
Eoin Keary is the CTO and founder of BCC Risk Advisory Ltd. (bccriskadvisory.com), a local Irish company that specialises in secure application development, advisory, penetration testing, mobile and cloud security, and training.
He is also an international board member and vice chair of OWASP, the Open Web Application Security Project (owasp.org). During his time in OWASP he has led the OWASP Testing and Security Code Review Guides and also contributed to OWASP SAMM, ASVS and the OWASP Cheat Sheet Series.
Eoin has led global security engagements for some of the world’s largest financial services and consumer products companies. He is a well-known technical leader in industry in the area of software security and penetration testing.



