Tuesday, April 4, 2017

Join Us at the 2017 AppSec Europe Developer Summit

OWASP AppSecEu 2017 Developer Summit
May 9th -10th, 2017 Belfast, UK

The OWASP Developer Summit educates developers about common vulnerabilities present in web and mobile applications, including how to use tools like OWASP ZAP to implement a secure software development lifecycle. 2017 AppSec Europe Developer Summit sessions are free hands-on workshops where attendees will learn how to do actual penetration tests on vulnerable and real applications as well as implement a secure pipeline.

On-Deploy Security Testing* of web applications with ZAP and Jenkins will provide insights on how to introduce continuous delivery through dynamic security testing. ZAP is an attack proxy and one of the most high-profile OWASP projects; Jenkins is a highly used solution to automate deployments, both help create the ideal combination. Attendees will have the opportunity to learn how to use these tools during this session.

During Reverse engineering APKs attendees will use real banking apps to explore mobile vulnerabilities. The session will discuss two important OWASP Top Ten mobile vulnerabilities and demonstrate how vulnerable APKs (Android Package Kits) are to reverse engineering and code modification. During the workshop, students will exploit vulnerable methods even when the APK is obfuscated and learn how to bypass certificate pinning.

Last but not least, for developers looking to learn and understand how to find web vulnerabilities, Attacking Your Web App provides understanding and insights on how pentesters find them. In this session you will:
  • Use automated scanning tools against a vulnerable web application
  • Learn to use OWASP ZAP  
  • Use sqlmap to enumerate and inject into databases
  • Create strategies for non-technical web app vulnerabilities

With these free sessions, OWASP provides developers with better insights into web and mobile vulnerabilities including, how to use very well known tools to implement automated testing and continuous integration.


For more details on the sessions and where you can sign up, please visit: https://2017.appsec.eu/program/developer-summit

No comments: