SlideShare a Scribd company logo

Appsec training gme

Salil Kumar Subramony
Salil Kumar Subramony
1 of 2
Download to read offline
CWASP DUBAI 2014 (we45 Certified Web Application Security Professional) A G E N D A DAY 1 About the Trainer , advent of the World Wide Web, a brief Session 1 9: 00 to 10:30 The Dismal State of Web Application Security Details relating to the History of significant technologies and elements of the Web 10:30 to 10:45 Break Session 2 10:45 to 12:15 Basic Concepts of Information Security Information Security Concepts that form the bedrock of the understanding of Web Application Security Session 3 12:15 to 13:00 Introduction to Web Application Security Understanding the need for Web Application Security and its challenges faced by Modern Enterprises 13:00 to 14:00 Lunch Session 4 14:00 to 14:45 Significant Web Application Breaches An exploration of significant attacks against web applications with a Real life Case Study Session 5 14:45 to 15:30 Web Application Risk Assessment Exploring methods to perform Risk Assessment for Web Applications 15:30 to 15:45 Break Session 5 15:45 to 17:00 Web Application Threat Analysis and Threat Modelling Identifying Threat Models for Web Application & Integrating Security into the SDLC APPSEC WORKSHOP April 8th & 9th 2014 Emirates Grand Hotel, Dubai Mission: Green Method brings to Dubai, a 2-day we45 Certified Workshop on Core Application Security principles for Application Developers. CWASP is arriving for the first time in the Dubai after successful rendition of the course in the several countries. Aimed at the Product Developers, Architects, Program Managers and Testers, CWASP aims to equip the trainees with platform and technology agnostic remediation strategies against application security vulnerabilities.In addition to the updated concepts of OWASP Top 10 - 2013,the workshop is replete with real world case studies,demonstrations and hands on exercises. Abhay has performed over 300 Application Security Assessments for a wide array of industry verticals, including, banking, IT/ITES, IT Products, manufacturing, and many more. He also provides the "Hacker's View" to application security after having performed numerous Application focused Penetration Tests and assisted law enforcement agencies in some of the major application security breaches. Abhay's work has been featured in several magazines, newspapers, security specific journals and portals. He has also developed multiple tools and scripts to use specifically for Application Security Testing and Assurance. Abhay serves as the Chief Technology Officer at we45. Abhay is a Web Application Security Specialist. He has authored two books, 'Secure Java: For Web Application Development' and 'PCI Compliance: A Definitive Guide' for CRC Press, USA. End of the day’s Program Abhay Bhargav CISA , CISSP, SANS GWAPT, ISO 27001 LA
A G E N D A DAY 2 CWASP DUBAI 2014 APPSEC WORKSHOP End of the Program Course Details Session 6 9: 30 to 11:00 OWASP Top 10 Exploring the details of the OWASP Top 10 with Workshop Exercises and Real life incidents and anecdotes Standard Rate : $650 per Trainee (Early Bird offer for registering before March 19th : $500) ISACA Member’s Rate : $500 (Early Bird offer for registering before March 19th : $400) Delegates should provide their ISACA Member ID Group Rate : $800 (For 2 Participants from the same organization) REGISTER IMMEDIATELY Write to: training@greenmethodonline.com OR Call: Neethu Pillai @ +971 55 169 6204 VISIT www.greenmethodonline.com/appsec.htm 11:00 to 11:15 Break Session 6 11:15 to 13: 30 OWASP Top 10 Exploring the details of the OWASP Top 10 with Workshop Exercises and Real life incidents and anecdotes 13:30 to 14:30 Lunch Session 7 14:30 to 16:00 Application Security Controls and Best Practices Recapitulating the vulnerabilities of the OWASP Top 10 and identifying Application Security Best Practices for Web Applications 16:00 to 16:15 Break Session 7 16:15 to 17:30 Application Security Controls and Best Practices Recapitulating the vulnerabilities of the OWASP Top 10 and identifying Application Security Best Practices for Web Applications we45 Solutions India (P) Ltd. #1439, 22nd Main, Banashankari Bangalore, India The Course designed and the Certificate issued by: CWASP Dubai is a hands-on interactive Workshop. The delegates are required to bring their laptops to the program.

Recommended

SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma Sehgal
Vandana Verma
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friends
Mažvydas Skuodas
 
Owasp top 10-2017
Owasp top 10-2017Owasp top 10-2017
Owasp top 10-2017
malvvv
 
12 owasp top 10 - introduction
12 owasp top 10 - introduction12 owasp top 10 - introduction
12 owasp top 10 - introduction
appsec
 
Building Resilience into Your DevOps Environment
Building Resilience into Your DevOps EnvironmentBuilding Resilience into Your DevOps Environment
Building Resilience into Your DevOps Environment
DevOps.com
 
Dependency check
Dependency checkDependency check
Dependency check
David Karlsen
 
Texto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de inglesTexto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de ingles
Meztli Valeriano Orozco
 
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn'tInfographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Sonatype
 

Recommended

SARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma SehgalSARCON Talk - Vandana Verma Sehgal
SARCON Talk - Vandana Verma Sehgal
Vandana Verma
 
Owasp and friends
Owasp and friendsOwasp and friends
Owasp and friends
Mažvydas Skuodas
 
Owasp top 10-2017
Owasp top 10-2017Owasp top 10-2017
Owasp top 10-2017
malvvv
 
12 owasp top 10 - introduction
12 owasp top 10 - introduction12 owasp top 10 - introduction
12 owasp top 10 - introduction
appsec
 
Building Resilience into Your DevOps Environment
Building Resilience into Your DevOps EnvironmentBuilding Resilience into Your DevOps Environment
Building Resilience into Your DevOps Environment
DevOps.com
 
Dependency check
Dependency checkDependency check
Dependency check
David Karlsen
 
Texto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de inglesTexto de Ayuda Un2_Taller de ingles
Texto de Ayuda Un2_Taller de ingles
Meztli Valeriano Orozco
 
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn'tInfographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Infographic: Heartbleed - Everything Was Secure Until, Suddenly, It Wasn't
Sonatype
 
Orta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil ÖdemelerOrta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil Ödemeler
Monitise MEA
 
The Path to Payment Security
The Path to Payment SecurityThe Path to Payment Security
The Path to Payment Security
Tom Cooley
 
Google as a Hacking Tool
Google as a Hacking ToolGoogle as a Hacking Tool
Google as a Hacking Tool
Conferencias FIST
 
Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)
Jeremiah Grossman
 
Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)
Jeremiah Grossman
 
Ganglia Monitoring Tool
Ganglia Monitoring ToolGanglia Monitoring Tool
Ganglia Monitoring Tool
sudhirpg
 
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Minded Security
 
Owasp top 10
Owasp top 10 Owasp top 10
Owasp top 10
Pensamiento Libre
 
Owasp top 10 2017 (en)
Owasp top 10 2017 (en)Owasp top 10 2017 (en)
Owasp top 10 2017 (en)
PrashantDhakol
 
OWASP_Top_10-2017_(en).pdf.pdf
OWASP_Top_10-2017_(en).pdf.pdfOWASP_Top_10-2017_(en).pdf.pdf
OWASP_Top_10-2017_(en).pdf.pdf
SamSepiolRhodes
 
Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014
Directorate of Information Security | Ditjen Aptika
 
529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
geeksec80
 
529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
geeksec0306
 
Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1
Ajay Ohri
 
OWASP - Building Secure Web Applications
OWASP - Building Secure Web ApplicationsOWASP - Building Secure Web Applications
OWASP - Building Secure Web Applications
alexbe
 
BioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfairBioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfair
Yoanne Clovis
 
Review Paper ( Research Articles )
Review Paper ( Research Articles )Review Paper ( Research Articles )
Review Paper ( Research Articles )
SaadSaif6
 
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
Security Innovation
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
OWASP Russia
 
App sec owasp from developers prospective
App sec owasp from developers prospectiveApp sec owasp from developers prospective
App sec owasp from developers prospective
Security Innovation
 
Veracode CISO Executive Workshop - presented by Saudi Green Method
Veracode CISO Executive Workshop - presented by Saudi Green MethodVeracode CISO Executive Workshop - presented by Saudi Green Method
Veracode CISO Executive Workshop - presented by Saudi Green Method
Salil Kumar Subramony
 
Veracode CISO Round Table
Veracode CISO Round TableVeracode CISO Round Table
Veracode CISO Round Table
Salil Kumar Subramony
 

More Related Content

Viewers also liked

Orta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil ÖdemelerOrta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil Ödemeler
Monitise MEA
 
The Path to Payment Security
The Path to Payment SecurityThe Path to Payment Security
The Path to Payment Security
Tom Cooley
 
Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)
Jeremiah Grossman
 

Viewers also liked (6)

Orta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil ÖdemelerOrta Doğu'da Mobil Ödemeler
Orta Doğu'da Mobil Ödemeler
 
The Path to Payment Security
The Path to Payment SecurityThe Path to Payment Security
The Path to Payment Security
 
Google as a Hacking Tool
Google as a Hacking ToolGoogle as a Hacking Tool
Google as a Hacking Tool
 
Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)Top Ten Web Hacking Techniques (2010)
Top Ten Web Hacking Techniques (2010)
 
Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)Top Ten Web Hacking Techniques (2008)
Top Ten Web Hacking Techniques (2008)
 
Ganglia Monitoring Tool
Ganglia Monitoring ToolGanglia Monitoring Tool
Ganglia Monitoring Tool
 

Similar to Appsec training gme

529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
geeksec80
 
529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
geeksec0306
 
Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1
Ajay Ohri
 
BioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfairBioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfair
Yoanne Clovis
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
OWASP Russia
 
App sec owasp from developers prospective
App sec owasp from developers prospectiveApp sec owasp from developers prospective
App sec owasp from developers prospective
Security Innovation
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
Aryan G
 

Similar to Appsec training gme (20)

Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
Matteo Meucci Software Security in practice - Aiea torino - 30-10-2015
 
Owasp top 10
Owasp top 10 Owasp top 10
Owasp top 10
 
Owasp top 10 2017 (en)
Owasp top 10 2017 (en)Owasp top 10 2017 (en)
Owasp top 10 2017 (en)
 
OWASP_Top_10-2017_(en).pdf.pdf
OWASP_Top_10-2017_(en).pdf.pdfOWASP_Top_10-2017_(en).pdf.pdf
OWASP_Top_10-2017_(en).pdf.pdf
 
Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014Infosec for web apps 2014_18november2014
Infosec for web apps 2014_18november2014
 
529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
 
529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]529 owasp top 10 2013 - rc1[1]
529 owasp top 10 2013 - rc1[1]
 
Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1Owasp top 10 2013 - rc1
Owasp top 10 2013 - rc1
 
OWASP - Building Secure Web Applications
OWASP - Building Secure Web ApplicationsOWASP - Building Secure Web Applications
OWASP - Building Secure Web Applications
 
BioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfairBioCatalyst_Brochure_classes_052815_nocarfair
BioCatalyst_Brochure_classes_052815_nocarfair
 
Review Paper ( Research Articles )
Review Paper ( Research Articles )Review Paper ( Research Articles )
Review Paper ( Research Articles )
 
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
White Paper: Leveraging The OWASP Top Ten to Simplify application security a...
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
 
App sec owasp from developers prospective
App sec owasp from developers prospectiveApp sec owasp from developers prospective
App sec owasp from developers prospective
 
Veracode CISO Executive Workshop - presented by Saudi Green Method
Veracode CISO Executive Workshop - presented by Saudi Green MethodVeracode CISO Executive Workshop - presented by Saudi Green Method
Veracode CISO Executive Workshop - presented by Saudi Green Method
 
Veracode CISO Round Table
Veracode CISO Round TableVeracode CISO Round Table
Veracode CISO Round Table
 
Veracode ciso riyadh
Veracode ciso riyadhVeracode ciso riyadh
Veracode ciso riyadh
 
OWASP Top Ten 2013
OWASP Top Ten 2013OWASP Top Ten 2013
OWASP Top Ten 2013
 
Owasp top 10 2013
Owasp top 10 2013Owasp top 10 2013
Owasp top 10 2013
 
Owasp top 10_-_2013
Owasp top 10_-_2013Owasp top 10_-_2013
Owasp top 10_-_2013
 

Appsec training gme

  • 1. CWASP DUBAI 2014 (we45 Certified Web Application Security Professional) A G E N D A DAY 1 About the Trainer , advent of the World Wide Web, a brief Session 1 9: 00 to 10:30 The Dismal State of Web Application Security Details relating to the History of significant technologies and elements of the Web 10:30 to 10:45 Break Session 2 10:45 to 12:15 Basic Concepts of Information Security Information Security Concepts that form the bedrock of the understanding of Web Application Security Session 3 12:15 to 13:00 Introduction to Web Application Security Understanding the need for Web Application Security and its challenges faced by Modern Enterprises 13:00 to 14:00 Lunch Session 4 14:00 to 14:45 Significant Web Application Breaches An exploration of significant attacks against web applications with a Real life Case Study Session 5 14:45 to 15:30 Web Application Risk Assessment Exploring methods to perform Risk Assessment for Web Applications 15:30 to 15:45 Break Session 5 15:45 to 17:00 Web Application Threat Analysis and Threat Modelling Identifying Threat Models for Web Application & Integrating Security into the SDLC APPSEC WORKSHOP April 8th & 9th 2014 Emirates Grand Hotel, Dubai Mission: Green Method brings to Dubai, a 2-day we45 Certified Workshop on Core Application Security principles for Application Developers. CWASP is arriving for the first time in the Dubai after successful rendition of the course in the several countries. Aimed at the Product Developers, Architects, Program Managers and Testers, CWASP aims to equip the trainees with platform and technology agnostic remediation strategies against application security vulnerabilities.In addition to the updated concepts of OWASP Top 10 - 2013,the workshop is replete with real world case studies,demonstrations and hands on exercises. Abhay has performed over 300 Application Security Assessments for a wide array of industry verticals, including, banking, IT/ITES, IT Products, manufacturing, and many more. He also provides the "Hacker's View" to application security after having performed numerous Application focused Penetration Tests and assisted law enforcement agencies in some of the major application security breaches. Abhay's work has been featured in several magazines, newspapers, security specific journals and portals. He has also developed multiple tools and scripts to use specifically for Application Security Testing and Assurance. Abhay serves as the Chief Technology Officer at we45. Abhay is a Web Application Security Specialist. He has authored two books, 'Secure Java: For Web Application Development' and 'PCI Compliance: A Definitive Guide' for CRC Press, USA. End of the day’s Program Abhay Bhargav CISA , CISSP, SANS GWAPT, ISO 27001 LA
  • 2. A G E N D A DAY 2 CWASP DUBAI 2014 APPSEC WORKSHOP End of the Program Course Details Session 6 9: 30 to 11:00 OWASP Top 10 Exploring the details of the OWASP Top 10 with Workshop Exercises and Real life incidents and anecdotes Standard Rate : $650 per Trainee (Early Bird offer for registering before March 19th : $500) ISACA Member’s Rate : $500 (Early Bird offer for registering before March 19th : $400) Delegates should provide their ISACA Member ID Group Rate : $800 (For 2 Participants from the same organization) REGISTER IMMEDIATELY Write to: training@greenmethodonline.com OR Call: Neethu Pillai @ +971 55 169 6204 VISIT www.greenmethodonline.com/appsec.htm 11:00 to 11:15 Break Session 6 11:15 to 13: 30 OWASP Top 10 Exploring the details of the OWASP Top 10 with Workshop Exercises and Real life incidents and anecdotes 13:30 to 14:30 Lunch Session 7 14:30 to 16:00 Application Security Controls and Best Practices Recapitulating the vulnerabilities of the OWASP Top 10 and identifying Application Security Best Practices for Web Applications 16:00 to 16:15 Break Session 7 16:15 to 17:30 Application Security Controls and Best Practices Recapitulating the vulnerabilities of the OWASP Top 10 and identifying Application Security Best Practices for Web Applications we45 Solutions India (P) Ltd. #1439, 22nd Main, Banashankari Bangalore, India The Course designed and the Certificate issued by: CWASP Dubai is a hands-on interactive Workshop. The delegates are required to bring their laptops to the program.