Web App Security

Hi JS engineers!

Together with Front-End Ams meetup (https://www.meetup.com/frontendams/events/241825132/) we're happy to announce a new event that will take place at Bynder office in Amsterdam. And we have a great subject to discuss.

1st talk: Web App Security

Semantics, dependencies, performance, business logic, scalability, consistency, UX, browser limitations, unit tests, accessibility, what else a good frontend developer should keep in mind building another successful product? How about... security? How often do we proactively taking care of it and what's the risk if we just let it go? If you think information security isn't your responsibility—you're wrong.

Talks about frontend vulnerabilities aren't that common: security professionals aren't very talkative and many frontend developers aren't that knowledgeable. We want to improve it and share best practices of cautious development. In this talk we're going to discuss common mistakes in interface architecture, data processing and exposure, XSS and CSRF attack vectors and programming approaches that may lead to troubles.

2nd talk: Certified Secure XSS/XSRF Experience

During the Certified Secure XSS/XSRF Experience a Certified Secure expert will guide the participants through a fun and realistic security challenge that contains multiple Cross Site Scripting (XSS) and Cross Site Request Forgery (XSRF) vulnerabilities.

While working together as a group to complete the challenge, the participants will gain critical insights and learn about the common security pitfalls and mistakes made during development. Thought you knew it all? Think again!

Agenda

18:30 ... Doors open: networking, pizza, beer, soda
19:00 ... Introduction with Gabriel Zigolis (https://www.meetup.com/frontendams/members/153288912/)
19:15 .... Web App Security with John Kraal (https://www.linkedin.com/in/jkraal/)
20:00 .. Break: snacks, beers, discussions
20:15 ... Certified Secure XSS/XSRF Experience with Joost Pol (https://www.linkedin.com/in/joost-pol-3ba49a)
21:00 ... Drinks and networking
22:00 ... Closing

Speakers

John Kraal (https://www.linkedin.com/in/jkraal/), CISO at Bynder

As Chief Information Security Officer, John Kraal has been with Bynder since the beginning, and carries 10 years of industry experience. Together with his colleagues, he is continuously helping the security industry to innovate in technological and organizational security, and find pragmatic and simple solutions to new problems.

Joost Pol (https://www.linkedin.com/in/joost-pol-3ba49a), CEO at Certified Secure

Joost Pol has more than 17 years of experience in digital security. Starting out as a Penetration Tester and Software Auditor. Recognizing the need for practical hands-on security training and certification he co-founded Certified Secure in 2007.

Joost Pol is currently the CEO at Certified Secure (https://www.certifiedsecure.com/) and is internationally recognized for his expertise in digital security. In 2012 he was the winner of the Pwn2Own competition, successfully compromising the iPhone. In 2015 a critical vulnerability in PolarSSL was disclosed by Pol, affecting the popular OpenVPN-NL software used by the dutch government.

Note

This is the same event as Front-End Ams August Meetup (https://www.meetup.com/frontendams/events/241825132/). It doesn't matter in which group you subscribe to the event, more important that you're in the list. We have a limited number of seats, so be quick!

https://secure.meetupstatic.com/photos/event/4/e/a/d/600_459320141.jpeg

See you at Bynder!