Brought to you by
sketrik and l4wke
Applications run everything, and we run the Applications. Join us!
In the Application Security Community, we will show you the importance of keeping your application code secure. We will show you how to identify, fix, and prevent vulnerabilities in your application code and secure coding practices. We will also show you how to evaluate your application security.
Everything you need to know…
What we will teach:
The AppSec community is back with more tools, more content, and more challenges!
We will teach attendees how to use tools such as SAST, DAST, and SCA to analyze source code for vulnerabilities. Sample vulnerable repositories will be provided for attendees to learn and practice the use of these tools.
Static Application Security Testing (SAST): Use tools such as FluidAttacks and Snyk to identify vulnerabilities in code, and learn how to remediate them
Dynamic Application Security Testing (DAST): Use tools such as OWASP ZAP to analyze a running application for security misconfigurations
Software Composition Analysis (SCA): Use tools such as Google’s osv.dev to identify vulnerable third party components of an application
Once you’ve found a vulnerability, learn how to use Git to submit a fix through a pull request.
If you’ve never written any code in your life, don’t worry! We’ll have an introductory AppSec challenge for you to learn something about AppSec without having to learn how to write code.
What should I bring?
Participants will not need to bring any equipment to learn, we will have a limited number of workstations available to share.
For the best experience you should bring the following equipment when visiting the AppSec Community:
- Install Git
- Install Python
- Have a Linux virtual machine
Hours of Operation
Expo Closed Monday
10:30a – 5:00p
10:30a – 5:00p
9:00a – 5:00p
9:00a – 11:00a
What you Learn
- How to understand application development processes.
- How vulnerabilities in applications are managed
- How to interact with developers
- How to evaluate code for vulnerabilities
Details are still being worked out, but to collect our MiniBadge, come visit our booth for more details on how get this cool MiniBadge.