This event was canceled

30 Vulns in 30 Minutes by Josh Cummings, with Food Provided!

Hosted by Mark Niebergall

Details

Talk: 30 Vulns in 30 Minutes

When you look at a toaster, is that all you see? A hacker doesn’t. And the same goes for your production web application, which hackers look at not as a way to book hotels or compare zen gardening techniques but as a way to steal identities, hijack resources, and make statements. What does a hacker see when he looks at your application? In this talk, learn in rapid-fire succession 30 ways that your application can be used for unintentional fun and profit, using Terracotta, a Spring Boot-based, intentionally-vulnerable web application, as our code backdrop. We’ll look at well-known vulnerabilities like XSS as well as lesser-known ones like time-based enumeration. Then we'll turn off the fire hose long enough for a fireside chat with Spring Security committer Josh Cummings to see what we can all do about it. And maybe when you get back to work, you’ll wonder which of these your application is vulnerable to.

Speaker Bio: Josh Cummings

Josh loves to code, and his kids love to code, too! Since he was a wee teenager with a TRS-80 from Radio Shack, he's loved building whatever came to mind. These days, he contributes full-time to the Spring Security codebase, a security library for Java developers. He is also the author of a handful of Pluralsight courses about web application security in Java, which all feature Terracotta Bank, an open-source intentionally-vulnerable web application that helps engineers practice ethical hacking as well as secure coding in Java. When Josh isn't coding, he's dunking over his kids on a seven-foot basketball hoop, eating frosted mini-wheats, or reading Brandon Sanderson. Or he's coding.

Food will be provided by Entrata - thank you Entrata!

Swag Alert

At the end of the presentation, one random lucky winner will win a free 1-year individual subscription to any single JetBrains Toolbox product. Choices include PhpStorm, WebStorm, DataGrip, or others seen at https://www.jetbrains.com/products.html. Thanks JetBrains!

Venue: Entrata

We will be meeting at Entrata in Lehi. We will be on the first floor on the East side of the building.

Address:

Entrata
4205 Chapel Ridge Rd
Lehi, UT 84043

Enter through the front door and head straight back until you see the double decker bus inside the building. We are in the room just to the left of it.

The After Party

We will be going to JCW's for the After Party. Come check it out with us.

Look forward to seeing everyone on Thursday!

Utah PHP User Group