Mastering security testing

Welcome to workshop in security testing with Itera!

Software security is currently one of the hottest IT trends. Many businesses move their solutions to cloud and web thus making them more vulnerable for external attacks. One way to significantly improve the security of your applications is to protect against and follow the guidelines of the OWASP TOP 10 vulnerabilities. However, for many teams it might be difficult to verify that the implemented countermeasures work and to start approaching security testing from scratch. 

During the workshop, we will provide a basic overview of security testing and the main project approaches, cover most significant vulnerabilities in web-applications and introduce you to techniques and tools to discover and fix these vulnerabilities. We will also have a practical part of the workshop were we will perform security testing on a simple API to find vulnerabilities. We won’t perform in-depth code analysis during the workshop, but approach security testing more from black-box perspective.

The workshop is suitable both for developers and those interested in test engineering. The workshop will be held in English.

Pre-requisites: - Postman to work with API: https://www.getpostman.com/. - OWASP ZAP to track requests/responses between client and server: https://github.com/zaproxy/zaproxy/wiki/Downloads. - Any browser plugin to work with cookies.

Informasjon fra Fagkom: Oppmøte 17:00! Ventelisten åpner 17:10. Kurset starter 17:15. Det serveres pizza og sushi underveis i kurset, og så blir det mingling&kos på ØX etterpå. Itera har flydd inn en sikkerhetsekspert fra Ukraina som holder workshopen på engelsk. Derfor står også denne kursbeskrivelsen på engelsk. Vel møtt!