SECURE CODING: Building Secure Web Applications in Java/J2EE
Venue: Residenza di Ripetta
Event Date/Time: Apr 27, 2009 | End Date/Time: Apr 29, 2009
Description
This class starts with a description of the security problems faced by today's software developer, as well as a detailed description of the Open Web Application Security Project’s (OWASP) “Top 10” security defects. These defects are studied in instructor-led sessions as well as in hands-on lab exercises in which each student learns how to actually exploit the defects to “break into” a real Web application. (The labs are performed in safe test environments.)
Remediation techniques and strategies are then studied for each defect. Practical guidelines on how to integrate secure development practices into the software development process are then presented and discussed.
KEN VAN WYK
He is an internationally recognized information security expert and author of the O’Reilly and Associates books, “Incident Response and Secure Coding”. In addition to providing consulting and training services through his company, KRvW Associates, LLC, he currently holds numerous positions: as a monthly columnist for the on-line security portal eSecurityPlanet and as a Visiting Scientist at Carnegie Mellon University's Software Engineering Institute. Mr. van Wyk has 20+ years of experience as an IT security practitioner in the academic, military, and commercial sectors. Mr. van Wyk also served a two-year elected position as a member of the Steering Committee for the Forum of Incident Response and Security Teams (FIRST) organization. At the Software Engineering Institute of Carnegie Mellon University, Mr. van Wyk was one of the founders of the Computer Emergency Response Team (CERT®).