|
|
Hands on training at AppSecUSA!
It’s one thing to hear from leading technology professionals and pioneers at an information and applications securities conference … but nothing beats hands on, immersive learning and training opportunities led by those same thought leaders and change makers. Imagine stepping away from your desk for two full days to explore application security automation alongside CTO of We45, Abhay Bhargav, or identifying security risks by hacking into IoT devices during an afternoon with Aditya Gupta, Founder and CEO of Attify. What if you could collaborate with global industry experts on open-source defensive security techniques and practice mitigating mobile app attacks in a real-life test environment?
During the first two days of OWASP’s 14th annual AppSecUSA conference in Orlando, Florida from September 19 – 22, 2017, you can. Guests will have the opportunity to participate in two full-day, self-guided training sessions with other attendees and speakers such as Sebastien Deleersnyder, Managing Partner and co-founder of Belgian securities company Toreon, and many more. These pre-conference training days will set the tone for OWASP’s signature AppSecUSA event, which showcases cutting edge lectures and keynote sessions featuring securities experts from around the world in a friendly, interactive environment.
Explore the full training and lecture schedule here: https://appsecusa2017.sched.com/, or preview the conference’s announced speakers list. The conference is just a month and a half away, with registration tickets going fast and hotel accommodations filling up even faster. Don’t miss OWASP’s exclusive opportunity to learn from and rub elbows with the most senior security developers and experts out there. No matter what industry you’re in, or where you live, this exciting, international conference is the place to be as a security and information leader.
|
AppSec USA Speakers are announced!
A Senior Application Security Engineer for Verizon, the Director of Software Engineering for Capital One, and a Senior Cloud Security Engineer at Netflix walk into a bar …
No, this isn’t the start of a bad information securities joke. It’s a preview of the speakers you can expect to hear from at OWASP’s AppSecUSA Conference in Orlando, Florida from September 19 – 22, 2017. In addition to individual breakout sessions featuring application security and information technology leaders from companies such as Citrix Systems, Slack, PayPal, and USAA, you’ll also have direct access to daily keynote addresses showcasing the latest security ideas and technology advances.
AppSecUSA’s opening keynote kicks off with a not-to-be-missed session from educator and author Jim Manico and Cigital CTO John Steven. Jim will weave topics from his upcoming book about Java web security with John’s expertise on threat modeling and architecture risk analysis to frame up today’s landscape in secure development and where the industry is going.
On day two, Runa Sandvik, Director of Information Security at The New York Times, delves deeper into how application and information security impacts a variety of industries, including journalism and the general population’s understanding of the news. And if that wasn’t enough, Jen Ellis, VP of Community and Public Affairs for Rapid7, will wrap up the conference with her perspectives on how technology specialists and government agencies can work better together for a more secure information infrastructure in our world today.
AppSecUSA’s speakers tackle hot topics from government security to threat management, and from DevOps security to cookie security and supply chain management across a wide array of industries. For a full list of announced follow the AppSec USA Schedule register for AppSecUSA today. This is one lineup you don’t want to miss!
|
Dragons, Pixis, & iOS!
Are you a developer interested in learning how to your code can be better? The OWASP Developer Summit is your FREE two day training opportunity! Qualified trainers will walk you through threat modeling with the OWASP Threat Dragon, attacking products through APIs, and everything you need to know to keep your iOS Apps safe.
Using OWASP Threat Dragon for Threat Modeling
OWASP Threat Dragon is a new OWASP project that introduces a threat modeling tool that is portable (able to be used on the web in various platforms), integrates well with build process, and is a great tool to introduce to developers and teams. This developer hands-on session will focus on introducing the Threat Dragon tool, best ways to use the tool in a day-to-day developer environment, and making it part of the CI implementation (including integration with Jenkins, etc.).
Hacking APIs and Web Services with OWASP DevSlop & PIXI!
Modern applications often use APIs and other micro services to deliver faster and better products and services. However, there are currently few training grounds for security testing in such areas. In comes DevSlop, OWASP's newest project, a collection of DevOps security disasters made as a vulnerable testing and proving ground for developers and security testers alike. DevSlop's Pixi, the first of many entries to come for this OWASP project, will be demonstrated and presenting for participant's hacking and learning pleasure. Pixi consists of vulnerable web services, and participants will be walked through how to exploit several of it's vulnerabilities so they can learn how to do better when they create their own web services and other types of APIs from now on.
Extreme iOS App Exploitation, Defense and ARM Exploitation
Detailed training contents: https://goo.gl/swp7F8 iOS has become one of the most popular mobile operating systems with more than 1.4 million apps available in the iOS App Store. Some security weaknesses in any of these applications or on the system could mean that an attacker can get access to the device and retrieve sensitive information. This training will show you how to conduct a wide range of penetration tests on iOS applications to uncover vulnerabilities and strengthen the system from attacks. Extreme iOS App Exploitation, Defense and ARM Exploitation is a 14 hrs session which will help you conduct end to end pentesting of iOS Applications and will also help you to understand the security measures which needs to be taken. This training will also have CTF challenge where attendees will use their skills learnt in session. To attend this hands-on session, all you have to do is bring your macbook with xcode installed on it.
Register to get your spot today!
|
OWASP World Tour
OWASP will be hosting three FREE Developer training events this year! These training events will feature paid professional trainers teaching ~500 people in three countries around the world. Keep an eye on the OWASP Blog, Facebook, and Twitter accounts for the CfT which will be opening soon.
Tokyo: September 30, 2017; Tokyo Institute of Technology
Boston: October 9, 2017; Boston University
Tel Aviv: October 17, 2017; The College of Management
|
Upcoming Events
Regional and Local Events
- AppSec AU — September 7–9, 2017; Melbourne, Australia
- OWASP Indonesia Day — September 9, 2017; Yogyakarta, Central Java, Indonesia
- New York Metro Joint Cyber Security Conference — October 5, 2017;New York, NY
- Cheat Sheet Workshop with Jim Manico — September 10–12, 2017; Frankfurt, Germany
- OWASP Bucharest AppSec Conference 2017 — October 6, 2017; Bucharest, Romania
- AppSec Israel 2017 — October 17–18, 2017; Tel Aviv, Israel
- LASCON 2017 — October 26–27, 2017; Austin, TX, USA
- OWASP AppSec Africa 2018 — May 10–12, 2018; Morocco
Training Events
- OWASP World Tour (Details Coming Soon!) — October 9, 2017; Boston University, Boston, MA, USA
Developer Summits
Partner and Promotional Events
- Security BSides Amsterdam — September 1, 2017; Amsterdam, Netherlands
- DevSecCon Boston -September 11-12, 2017; Boston, MA, USA
- (ISC)2 Secure Johannesburg 2017 — October 5, 2017; Johannesburg, South Africa
- https://edgesecurityconference.com/ — October 17-18, 2019; Knoxville, TN, USA
- ISACA Ireland Conference 2017 — October 20, 2017; Ireland
- IoT Tech Expo North America — November 29-30, 2017; Santa Clara, CA, USA
|
|