So it’s been a little bit since there was an update but I have exciting news coming down the pipe… I will presenting three sessions this year at Nebraska.Code(). I decided that I would be branching out this year and attempting to add another conference to Prairie.Code(), that was until I found out that there wouldn’t be a Prairie.Code() this year. While I am sad to see it go I think that with the proximity of the two conferences it’s probably for the best.
The great news is that I managed to get three of my sessions accepted this year, one of the sessions is an 8 hour workshop. So without any further yapping from me, here are the presentations that will be presented at Nebraska.Code()
Software security isn’t a tool or a library, everyone knows that you should check your parameters, and watch out for SQL injection, but is that really enough? If you have never had the opportunity to spend time hacking your own applications, you are really doing yourself a disservice. More than ever, the web is becoming an increasingly hostile environment, and because of it developers really need to step up their game. In this session we will go over some of the methodologies that we use internally to test applications, helping developers to think more strategically about designing applications for general security. As part of this conversation I will go over active attacks that we have seen against production sites using sterilized examples.
Application Security or Hacking yourself everyone else is…
Application developers are the first line in defending applications from attack, there are thousands of software and hardware solutions to attempt to make your software more safe and secure. In the end if the software isn’t developed properly and securely no amount of software or hardware is going to protect you. In this session I plan to go over, identifying weak code, testing for it, and fixing it.
In this session we will go over in-depth the process for doing application security testing on your own applications. As part of the session we will go through and identify all of the items on the OWASP top 10, how to test them using DVWA (the Damn Vulnerable Web Application), and talk about strategies to mitigate the.
Requirements: Students to the class must have:
Offensive Application Security for Developers…
This conversation is an indepth dive into the Important parts of GDPR for software developers. Even though GDPR is a European standard, there’s no denying that this is the direction that the software industry is going, more emphasis will be placed on protecting the data that customers and businesses rely on. In this conversation we will discuss the GDPR, the impacts of this law, and what can be done from the software development side to make sure we develop software that follow defense in depth practices.