Application security 101 with WebGoat
|Architecture, Performance and Security||beginner/novice|
A good defense against insecure code requires understanding the mechanics behind how attackers exploit simple programming mistakes. The WebGoat team will walk through exercises like SQL Injection, XSS, XXE, CSRF, … and demonstrate how these exploits work. We will show you how you can use WebGoat to train your developers to avoid these simple but common programming mistakes. We also show you how to extend WebGoat to create lessons specific to your environment. Join us to learn the most basic, but common, application security problems. Training will be divided in several security topics where we will first explain the vulnerability at hand. After the introduction participants will get hands on experience to exploit the vulnerability. After each topic we end up with explaining best practices how those errors can be avoided.
|Room name is available few days before the conference.|
Nanne is a security software developer with a focus on Java development and one of the project leads for the OWASP WebGoat project.