More talks in the program:
In this hands-on workshop we’ll all attack the training web app to take on the role of a pentester one step at a time. You’ll learn how to work with professional security tools through a range of practical tasks and will also learn pentesters’ general approach for attacking web apps. Of course, we’ll also deal with defensive measures for protecting the security holes found, though our focus will remain on the systematic use of professional hacking tools for carrying out security analyses. As a second objective of this workshop you will learn what type of security checks can be automated and how this DevOps-style automation of security checks within build chains is best done. Once you’ve completed this workshop, you’ll have practical experience of carrying out manual and automated attacks on web apps, which you can transfer into your own software development work so as to increase the security of your projects for the long-term.
Audience & Requirements
The target audience for this hands-on workshop are developers interested in security as well as test engineers / QA wanting to include security tests into their testing arsenal and widen their toolset.
No special deeper development or security knowledge is required to attend this workshop. But a bit of linux shell usage proves definitely helpful when joining.
As this workshop is a tutorial rich day, there are a couple of basic requirements that need to be met if you’d like to take part in these practical tasks: