Secure Application Development - Academia Edition



All necessary equipment will be provided including computer, wired/wireless network connection, tools and utilities.

As organizations learn to protect infrastructure systems better, attackers are turning their attention over to web applications and traditional firewalls or system lockdowns are simply not sufficient for protecting web application attacks. If you need to secure your web and desktop applications, and need to learn the basic mistakes a software developer makes in his / her software that leads to security holes in the organizations this course is for you.


About
Conference Schedule
Worskhops: 1 & 2
Registration
Sponsors
Post-Event Report


This beginners and intermediate level, hands on, course covers the principles of securing web applications and the common vulnerabilities that are leveraged by attackers as well as general defense techniques to protect against future attacks. By helping you to understand the attacks and mechanics of components that affect security of applications layer, this course enables you to properly defend on layer 7 of OSI model. For each of the common vulnerabilities, manual and automatic testing methodologies are covered to ensure you can reveal vulnerabilities in existing applications.

This challenging course is particularly well suited to developers, application security professionals and penetration testers who have interest in Layer 7. With the information you learn in this class, you will be able to test existing web applications against common exploitation techniques as well as architect, design and develop more secure applications.

Sample topics include:

  • URL manipulations and Format string Vulnerabilities
  • Introduction to SQL Injection, Attack Samples and Prevention techniques
  • Authentication and Application Access Control
  • Session Management, Application Logs and Analysis
  • General Input Validation
  • Cross Site Scripting
  • Phishing and Mitigations
  • Credit Card Handling

What Do I Get?

You get more than just knowledge of the latest tricks and techniques. You take home the following stuff:
  • Certificate of Completion
  • A bootable BackTrack(tm) distribution - BackTrack is the Top rated Linux live distribution focused on penetration testing. The merging of two very popular distributions (Whax and Auditor Security Collection) has catapulted BackTrack to the #1 spot on the "Top 100 Network Security Tools" list - http://sectools.org.!
Who Should Take the Course?

If you are a software engineer or application developer, security personnel, auditor, and/or consultant concerned with applications and system security, then you should take this course.

Trainers:

Abdul Waheed

Mr. Abdul Waheed has system development experience of more then ten years; he is current working at Karachi Stock Exchange Guarantee Limited as Manager Trading System Core Development. His job responsibilities include secure architecture and designing of distributed complex systems and managing his team for the said development. He is also an active security researcher and helped out various organizations by finding critical security holes in the application layer.

Muhammad Ubaid

Muhammad Ubaid has system development experience of more then six years, he is current working at Infinilogic Private Limited as Assistant Manager Web Applications Development. His current job is to develop web and desktop based applications for about more then 35,000 virtually hosted companies, and make sure that the developed systems are free from security vulnerabilities.

Register Now

Course Length: 4 Hours