We are conducting class in Singapore from 25th-27th November. Detail over here
Enterprise application source code, independent of languages and platforms, is a major source of vulnerabilities. The class is designed and developed to focus on enterprise architecture and application analytics to discover vulnerabilities. One of the CSI surveys on vulnerability distribution suggests that in 64% of cases, a vulnerability crops up due to programming errors and in 36% of cases, due to configuration issues. We will be covering analysis techniques, with tools, for assessment and review of enterprise application source code. Enterprise 2.0 and mashups, along with other different Web 2.0 concepts, reinforced by hands-on experience, will help in understanding next generation application requirements.
It is imperative to know source code review methodologies and strategies for analysis. The emphasis of the class would be to develop a complete understanding of source code analysis, audit methodologies, techniques and tools. Knowledge gained would help in analyzing and securing enterprise applications at all different stages - architecture, design and/or development. The course is designed by the author of "Web Hacking: Attacks and Defenses", "Hacking Web Service" and "Web 2.0 Security - Defending Ajax, RIA and SOA", bringing his experience in application security and research to the curriculum. Special focus is given to compliance and Top-25 errors for enterprise applications.
This class is hands-on and needs laptops to implement its numerous exercises designed to run hand-in-hand with their concepts. The class features real life cases, hands-on exercises, code scanning tools and defense plans. Participants would be methodically taken down to the source code level and exposed to the possible flaws in architecture, design and coding practices. The class would then focus on the proper ways of writing secure code and analyzing the code base.
Visit for full detail