In addition to our quarterly meeting on March 14th, OWASP Detroit is putting on a workshop as part of the MiSec/OWASP Detroit monthly workshop series. This workshop will be hands on and concentrate on providing those who are new or unfamiliar with the process of assessing web applications from a security standpoint. We will be going over the basics of web-based communications, web architecture, common web application vulnerabilities and how to detect & exploit them.
Web applications aren’t just for posting pictures of cats, and haven’t been for a long time. Much of our modern communications infrastructure relies on Web application frameworks, protocols, and applications. Twitter, Facebook, commercial applications, administrative consoles, all rely on what, in many ways, are technologies and protocols developed in the infancy of the modern telecommunications revolution. In many ways, the security of these technologies hasn’t improved and security professionals oftentimes are not exposed to the unique challenges and methods involved in securing these applications. This workshop will provide attendees with a basis in how to assess the security of Web applications, and methodologies to help establish Web application security processes.
This will be a hands-on workshop with the ability to attack and assess a live application. Emphasis will be on learning manual testing methods.
Required: Laptop computer (OS agnostic), Java runtime engine (1.6 or 1.7), wired Ethernet connection. All other tools will be provided.
Tickets available online: http://www.eventbrite.com/event/5680869634