For Testers: Walkthrough of the OWASP Top 10 Web Application Security Vulnerabilities
This will be a full day walkthrough of the OWASP Top-Ten Web Application Security Vulnerabilities. What they are, how attackers exploit them, and how to test for them in obvious and subtle ways. This is not a penetration testing course, it is a workshop to understand application security at both a strategic and tactical level to enable intelligent liaison with penetration testers and security experts.
Attendees can expect a mixture of theory, brainstorming, and role-playing exercises as attackers and defenders to acquire practical skills for immediate use at work. We will work through testing a completely unprotected application, applying defences, circumventing those defences, then applying strong and effective vulnerability controls.