IT Professionals New Zealand | Te Pou Hangarau Ngaio

Hands-on security: Testing your web apps for exploits

23 May 2018: 9:00 am - 5:00 pm

ITP Head Office
Level 24 Grand Plimmer Tower
2-6 Gilmer Terrace
Wellington

View Map

Also available on demand or in-house. Details

View other Locations/Dates


ElfEldridge.jpg

Security is a fundamental part of web development, software development or cloud services within an organisation. But often devs, managers and other staff with responsibility don't have the tools or knowledge to take a formal structured approach to minimising risk.

Our new "Hands-on security" course is a comprehensive one-day course covering the most common current web security exploits and the tools that developers, testers, engineers and security analysts can use every day to detect and protect against vulnerabilities.

Duration:Full Day

The workshop covers the following:

As well as covering general security principles, this course will cover off tools, code and documentation, for example:

Tools:

  • Zed Attack Proxy (web app vulnerability scanner)
  • Offensive Web Testing Framework
  • Web Testing Environment Project
  • Dependency checking

Code:

  • ModSecurity Core Rule Set Project
  • CSRFGuard Project
  • Appsensor Project

Documentation:

  • Application security verification project
  • Software Assurance maturity model
  • OWASP Top Ten Project
  • Testing Guide project 

Objectives

At the end of the course attendees will:

  • Have developed a working knowledge of frameworks (such as OWASP)
  • Have developed hands-on familiarity with several security assessment tools (specifically ZAP and OWTF)
  • Understand what is required for an application to meet Application Security Verification Standards
  • Understood the principles and value of intruder detection systems and dependency checking
  • Understand security assessment management tools such as the developer guide, code guidelines, and static analysis tools
  • Gain awareness of upcoming security projects
  • Have some practical tools and skills they can immediately apply within their organisation 

Target Audience

Anyone responsible for web development, software development or cloud services within an organisation including dev teams, testers, security analysts, managers and more.

About The Trainer

Dr Elf Eldridge is a consultant for security consultancy Cyber Toa. Previously he taught computer science, engineering, physics and mathematics at Victoria Univerity of Wellington from 2013-2017 after obtaining his PhD through The MacDiarmid Institute for Advanced Materials and Nanotechnology.

Registration Details:

You can register for this event via Credit Card online now by using the link below, or alternatively call 0800 252 255 with your Credit Card details.

ITP Corporate Partners and approved organisations can opt to pay by invoice by calling 0800 252 255 or emailing attendee and business details through to registrations@itp.nz. Credit criteria and other conditions apply.


Want to run it at another time or place, or in-house?

Can't attend at the scheduled time, would like it in another city or want to enquire about running it in-house? No problem!

Simply register your interest and we'll look at whether we can bring to you when you want it. If you're interested in an in-house option, register your interest and we'll come back to you.


Attendance Cost

All ITP Financial Members$430.43 + GST / $495.00 incl GST
Staff of Corporate Partners (20% Discount)$480.00 + GST / $552.00 incl GST
Non-Members$600.00 + GST / $690.00 incl GST

 
 
View All 123 ITP Partners