Teaching Application Security 101 with WebGoat

Tuesday, 12 November 2019
13:30 - 17:00
Music Hall 2

A good defense against insecure code requires understanding the mechanics behind how attackers exploit simple programming mistakes. The WebGoat team will walk through exercises like SQL Injection, XSS, XXE, CSRF, … and demonstrate how these exploits work.

We will show you how you can use WebGoat to train your developers to avoid these simple but common programming mistakes. We also show you how to extend WebGoat to create lessons specific to your environment. Join us to learn the most basic, but common, application security problems.

Tired of all the lessons? During the training we will host a small CTF competition in which you can take a shot at the challenges and compete with each other.

The workshop is really hands-on: we explain the theory behind each vulnerability, and then it is up to the participants to solve the assignments. After each lesson we explain how to mitigate the vulnerability in your day-to-day development.

WebGoat is an open source project, and with this workshop we get a lot of feedback on how we can improve it and on new lessons to add to our framework.

Prerequisites: Basic knowledge of how web applications work

Technical requirements:

  • Laptop with Docker or Java 11 installed

