Think Like a Hacker, Defend Like a Cyber Expert
A Hands-On Experience in Web Security
June 19 – 20, 2025 | Berlin or online
EARLY BIRD SPECIALS END IN:
STAY UP TO DATE !
Learn more about IT Security Summit
5 Reasons to attend
Web Security Bootcamp
Hands-On Experience with Web Security
Gain practical skills by simulating real-world attacks and defenses on web applications
Master Modern Security Techniques
Learn cutting-edge topics like OAuth2, HTTP Security Headers, CORS, CSP, and secure cookie management
Comprehensive Coverage of Attack and Defense
Understand both sides of web security: from identifying vulnerabilities to implementing defense mechanisms
Stay Ahead with Current Trends
Dive into up-to-date security challenges and solutions, including the OWASP Top 10 and modern web threats
Expert Guidance and Real-World Scenarios
Benefit from expert knowledge and apply what you learn through practical exercises and case studies
Key Learning Outcomes
-
- Recognize and Evaluate Vulnerabilities: Identify and assess security risks in web applications using manual techniques and automated tools.
- Implement Secure Web Practices: Apply security measures such as CORS, CSP, and secure HTTP headers to protect web applications.
- Secure Data and Authentication: Store passwords securely, ensure data integrity, and implement OAuth2 for secure authentication and authorization.
- Mitigate Front-End and API Risks: Minimize security threats in front-end development and secure APIs against common attacks.
- Use Security Tools Effectively: Leverage tools for static and dynamic analysis to detect and address vulnerabilities efficiently.
Program Overview
Day 1: Web Security Fundamentals
-
-
- IT Security Principles: CIA triad, encryption (symmetric/asymmetric), and hashing.
- Authentication & Authorization: Same Origin Policy, CORS, and cookie security.
- HTTP Security: Implementing security-relevant HTTP headers and CSP.
- Common Web Attacks: OWASP Top 10, credential attacks, XSS, CSRF, injection attacks, and DoS.
-
Day 2: Advanced Web Security Practices
-
-
- Securing Web Applications: Applying defense mechanisms to presented attack vectors..
- Vulnerability Testing: Manual and automated testing with static and dynamic analysis tools.
- Identity Management: Implementing OAuth2/OpenID Connect and secure access token handling.
-
Requirements
-
- Basic knowledge of web development (HTML, CSS, JavaScript, HTTP).
- Familiarity with APIs and web protocols (e.g., REST).
- Interest in IT security and readiness to engage in hands-on exercises.
- Laptop with administrator rights for practical tasks.
Masterclass Highlights
- Practical Focus: Emphasis on hands-on exercises and realistic scenarios rather than theoretical lectures.
- Modern Technologies: Covers current security concepts like OAuth2, JWT, CSP, and secure API development.
- Theory to Real-World Applications Transition Developer-Centric: Gain actionable skills to deploy AI systems in production, optimize their performance, and handle real-world challenges
- Comprehensive Approach: Teaches both offensive (attack) and defensive (protection) strategies.
- Focus on Modern Web Security: In-depth coverage of single-page applications, secure cookie strategies, and CORS.
Trainer
Martina Kraus
Martina has been active in the world of web development since her early years and over time has become an expert in the field of web security. As an Application Security Engineer, she focuses on integrating security best practices into all phases of software development. In her role as a Google Developer Expert (GDE), she also loves to spread knowledge about web security at national and international conferences, regularly organizes ngGirls events (free Angular workshops for women) and the German Angular conference NG-DE.
Secure Your Spot
Subscribe to our newsletter now & stay informed!
I would like to be informed about discounts, Early Bird sales and updates in the future.