DevOps Conference 2018 Munich, 3 - 6 December 2018
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

Pentesting Workshop: How to Master Your Offensive Security Toolstack

Power Workshop
Till September 27 ✓ Raspberry Pi for free ✓ Team Discount ✓ Save up to € 510 Register now
Infos
Thursday, December 6 2018
09:00 - 17:00
Booking note:
Security Workshop

In this hands-on workshop we’ll all attack the training web app to take on the role of a pentester one step at a time. You’ll learn how to work with professional security tools through a range of practical tasks and will also learn pentesters’ general approach for attacking web apps. Of course, we’ll also deal with defensive measures for protecting the security holes found, though our focus will remain on the systematic use of professional hacking tools for carrying out (partially automated) security analyses. Once you’ve completed this workshop, you’ll have practical experience of carrying out attacks on web apps, which you can transfer into your own software development work so as to increase the security of your projects for the long-term. 

During the course we will attack a prepared demo web-application using tools and techniques available in the Kali Linux VM. Aside from finding vulnerabilities inside this demo application, we will also use tools to escalate them into even more critical vulnerabilities during post-exploitation. 

Aside from manually using the security tools to find and exploit security vulnerabilities, most of them can also be utilized in fully automated ways, being a nice fit into DevOps architectures to enrich CI/CD pipelines with security checks.

The target audience for this hands-on workshop are developers interested in security as well as test engineers / QA wanting to include security tests into their testing arsenal and widen their toolset. 

The pre-requirement is to bring an installation of the free Kali Linux VM (the de-facto standard distribution for pentesting). 

No special deeper development or security knowledge is required to attend this workshop. But a bit of linux shell usage proves definitely helpful when joining. 

Stay tuned:

Behind the Tracks

 

Docker & Kubernetes

Docker, Kubernetes & Co

Microservices

Maximize development productivity

Continuous Delivery

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Logging, Monitoring & Analytics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the way towards DevOps

Live Demo #slideless

Showing how technology really works