Session: Java Web Security By Example
Wednesday 13.00 - 13.50
Room: Honey Badger
Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. We won't simply talk about issues like XSS, CSRF and SQL Injection, but will have live demos showing how hackers exploit these potentially devastating defects using freely available tools. You'll see how to hack a real world open source application and explore bugs in commonly used open source frameworks. We also look at the source code and see how to fix these issues using secure coding principles. We will also discuss best practices that can be used to build security into your SDLC. Java developers and architects will learn how to find and fix security issues in their applications before hackers do.
Frank Kim
Frank Kim is the founder and principal consultant with ThinkSec as well as the curriculum lead for application security at the SANS Institute. Frank focuses on security strategy and application security program development with a special interest in integrating security into the SDLC. Frank is the author of the SANS Institute's Secure Coding in Java course. He has spoken internationally at events like JavaOne, Devoxx, Jazoon, and UberConf and was recently named a JavaOne Rock Star.
Tags
Browse our program one tag at a time:
UX Mobile Java Agile .NET Test Mastery Web Architecture Dev Ops Cloud Emerging languages Tools Team Embedded Hard Core Hands on Back end Front end Wetware Creative Fun Rebel Database Javascript Keynote
