Secure Coding: major Web attacks and how to defeat them

Venue: Visconti Palace Hotel

Location: Rome, Italy

Event Date/Time: May 09, 2011

End Date/Time: May 11, 2011


This course teaches students how to develop secure web applications in today’s complex internetworked environment. Students will receive a deep and thorough understanding of the most prevalent and dangerous security defects in today’s applications. Additionally, they will learn practical and actionable guidelines on how to remediate these common defects in Java/J2EE and how to test for them in their own applications.

This class starts with a description of the security problems faced by today's software developer, as well as a detailed description of the Open Web Application Security Project’s (OWASP) “Top 10” security defects. These defects are studied in instructor-led sessions as well as in hands-on lab exercises in which each student learns how to actually exploit the defects to “break into” a real Web application. (The labs are performed in safe test environments.)

Remediation techniques and strategies are then studied for each defect. Practical guidelines on how to integrate secure development practices into the software development process are then presented and discussed.

Main Topics
Preparation Phase: Understanding the problem
Overview of available solutions
Exploiting Web application weaknesses
Exploiting Web application weaknesses, continued
Secure development processes
Introduction to design review exercise
Processes in depth – Design review
Architectural and design exercises
Processes in depth – Static code analysis
Static code analysis exercise
Processes in depth – Security testing
Getting started


Additional Information

For further information please do not hesitate to contact us at or visit our website at