The OWASP Top Ten 2022 Release
The OWASP Top 10 is a standard awareness document for web developers and web application security professionals. It represents a broad consensus about the most critical security risks to web applications. As software developers author code that makes up a web application, they need to embrace and practice various secure coding techniques. This training provides defensive instruction in relation to the OWASP Top Ten to aid developers in authoring secure software.
- May 22Oslo Spektrum2 days07:00 - 15:00 UTCJim Manico14 490 NOK
The class is a combination of lecture, security testing demonstration, code review and hands-on secure coding labs. Students will learn the most common threats against API's and web application and microservices. More importantly, students will learn how to design and code secure API, web and microservices solutions via defense-based code samples, architectural review and more.
A01:2021-Broken Access Control
A06:2021-Vulnerable and Outdated Components
A07:2021-Identification and Authentication Failures
A08:2021-Software and Data Integrity Failures
A09:2021-Security Logging and Monitoring Failure
A10:2021-Server-Side Request Forgery
Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for Nucleus Security, BitDiscovery, SecureCircle, and Inspectiv. Jim is a frequent speaker on software security practices, is a member of the Java Champion community, and is the author of "Iron-Clad Java: Building Secure Web Applications" from Oracle Press. Jim also volunteers for the OWASP foundation as the project lead for the OWASP Application Security Verification Standard and the OWASP Cheatsheet Series. For more information, see https://www.linkedin.com/in/jmanico.