OWASP Top Ten in der Praxis (Therme Erding) - Christoph Iserlohn
Description
Web applications are constantly exposed to the risk of attacks. The damage caused by a successful attack can be enormous. Just one vulnerability can be enough.
In this training course, you will learn how to detect and fix vulnerabilities in web applications. In practical small group exercises, you will take on the role of the attacker and learn how to exploit vulnerabilities. This will give you a deeper understanding of how these attacks work in practice. We will be guided by the OWASP Top Ten, a list of the biggest security risks for web applications.
Once we have identified a vulnerability together, we will explain where exactly the problem lies and discuss appropriate preventive and countermeasures.
Agenda
-
OWASP Top Ten
-
Focus & Exercise: Security Misconfiguration & Broken Authentication
-
Focus & Exercise: Broken Access Control & Cryptographic Failures
-
Focus & Exercise: Injection Attacks
-
Focus & Exercise: Insecure Deserialization & Components with known vulnerabilities
-
Effective Countermeasures
Your Trainers
Christoph Iserlohn
INNOQ
Scalability and security, host of INNOQ’s Security Podcast
- Flexible architectures
- OWASP Top Ten in practice
- Securing legacy software
- Web Security
Christoph Iserlohn is a senior consultant at INNOQ. He has many years of experience in the development and architecture of distributed systems. His main focus is on the topics of scalability, availability, and security.