Frank Kim

Security Inception

Frank Kim is the founder and principal consultant with ThinkSec as well as the curriculum lead for application security at the SANS Institute. Frank focuses on security strategy and application security program development with a special interest in integrating security into the SDLC. Frank is the author of the SANS Institute's Secure Coding in Java course. He has spoken internationally at events like JavaOne, Devoxx, Jazoon, and UberConf and was recently named a JavaOne Rock Star.

Website

http://thinksec.com

Twitter

@sansappsec


Sessions

Java Web Security By Example

Wednesday 13.00 - 13.50 in: Honey Badger

Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. We won't simply talk about issues like XSS, CSRF and SQL Injection, but will have live demos showing how hackers exploit these potentially devastating defects using freely available tools. You'll see how to hack a real-world open source application and explore bugs in commonly used open source frameworks. We also look at the source code and see how to fix these issues using secure coding principles. We will also discuss best practices that can be used to build security into your SDLC. Java developers and architects will learn how to find and fix security issues in their applications before hackers do.

Tags: Hands on Java Mastery

Security Inception

Wednesday 15.40 - 16.30 in: Grinding the Crack

Learn how your organization can fall prey to malicious attackers. Using real-world case studies you'll see exactly how hackers exploited and embarrassed several well-known companies. See firsthand how real attackers abuse common coding mistakes to exploit issues like SQL Injection and Command Injection. Then learn how attackers further their goals using social engineering and basic network security tactics. Analyzing these events provides enormous insight into what works and what doesn't when building, maintaining, and defending your app. Hearing these stories will plant a security seed in your mind that may change everything about the way you develop applications.

Tags: Dev Ops Hands on Mastery