OWASP Top Ten Critical Application Risks Training (DAY TWO) presented at saintcon 2017

by Dmitry Dessiatnikov,

Summary : The objective of this training is to increase the security awareness and experience with identification and mitigation of vulnerabilities in web and mobile applications. The goal is to produce future applications that are increasingly resilient to attacks. The training is language neutral as the concepts apply to any programming language or development framework with the examples from the most popular ones. The participants will have an opportunity to apply the learned concepts during the hands-on labs and exercises.
Real-world examples drawn from the instructor's pen testing experience are used to demonstrate how OWASP Top 10 vulnerabilities can be combined into surprising compromises. During and after the training attendees will have a custom VM with all the open source tools and hands-on labs/modules that they can practice with after the training or share with their colleagues who missed the training.