For those of you sitting on the fence about coming to OWASP AU 2009, it’s time to book. ð
The training materials I’ve developed using OWASP ASVS covers all the ground in the ASVS in one day, from a developer perspective:
- About the Application Security Verification Standard
- What you need to verify code
- About RiskÂ
- The ASVS Levels
- Verifying Architecture
- Verifying Authentication
- Verifying Session Management
- Verifying Access Control
- Verifying Input validation
- Verifying Output encoding / canonicalization
- Verifying Cryptography
- Verifying Error Handling / Logging
- Verifying Data Protection
- Verifying Communications Security
- Verifying HTTP Security
- Verifying Configuration
- Verifying Malicious Code
- Verifying Internal security controls
- How to write a decent report and how to communicate (good and) bad newsÂ
It’s going to be a long day, so bring your game to the sunny Gold Coast, Australia. OWASP AU is a true bargain compared to commercial offerings.
If you have some training budget, book a ticket and come see me and have a blast!
Leave a Reply