Diving into web security with the OWASP top 10. A workshop by Philippe De Ryck

This is a past event

12 people went

Location image of event venue

What we'll do

In an effort to raise awareness of web security issues and best practices, and to make related concepts more accessible to everyone in the developer community, we are incredibly happy to partner with world-renowned web security expert Philippe De Ryck and host a free workshop about OWASP top 10 security risks to web applications.

Philippe is the founder of Pragmatic Web Security (https://pragmaticwebsecurity.com/), where he travels the world to train developers on web security and security engineering. He holds a Ph.D. in web security from KU Leuven. Google recognizes him as a Google Developer Expert for his knowledge of web security and security in Angular applications.

****** SESSION **************************************************

Today, every developer needs to have a certain level of security awareness. Unfortunately, getting started with security often seems challenging and impossible. However, it does not need to be. Join this free workshop to get a solid introduction to web security.

This workshop introduces you to the OWASP top 10, an influential document of the 10 most risky vulnerabilities in web applications. Lectures provide an in-depth look into common attacks and their countermeasures. Challenge-based labs allow you to try out attacks and help you think about defences. You will walk away with a set of best practices that will immediately make you a better software engineer.

⚠️⚠️⚠️REGISTRATION ⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️⚠️
Since seating is limited, it is VERY IMPORTANT all attendees register at https://www.eventbrite.sg/e/diving-into-web-security-with-the-owasp-top-10-tickets-64592725581. Admission at the venue will be done EXCLUSIVELY based on your Eventbrite ticket.

08:30 - 09:00 - Doors open. Coffee & tea
09:00 - 09:15 - Introduction
09:15 - 09:45 - The security model of the web
09:45 - 10:45 - The basics of HTTP security (focus on authZ)
10:45 - 11:30 - Lab sessions
11:30 - 12:30 - Server-side Injection attacks
12:30 - 13:15 - Healthy lunch
13:15 - 14:15 - Cross-Site Scripting (XSS)
14:15 - 15:00 - Lab sessions
15:00 - 15:30 - Q&A and conclusion
15:30 - Drinks & Goodbye

This framework/programming language agnostic workshop targets software engineers with limited security experience. Anyone familiar with the technical aspects of a web application is more than welcome

Please bring your laptop with you and make sure you have a modern browser installed


Please note that we are bound by the venue rules to allow entry only based on a valid form of identification, so please make sure you have one with you.

This event, just like all Nulab Developers initiatives, falls under the rules of our Code of Conduct (https://www.meetup.com/Nulab-Techtalks-AMS/pages/27553964/Code_of_Conduct/)