| Table of Contents |
|---|
Introduction
This document has been prepared to show the agenda of Secure Coding Training (SCT) that will be held probably on February by SA4T1 experts. The venue is to be determined.
...
Time | Subject | Expert | Remarks |
9:00-10:0010 | Secure Web programming workshop (JAVA, PHP, Python and Django | PB, TN | Common security vulnerabilities according to OWASP top 10 will be introduced to participants. Every category of errors will be explained in details, with practical exercises. Topics that will be covered during workshop:
Also the following important security issues will be covered:
|
Short break 10 min. (10:0010-10:1020) | |||
10:1020-11:1020 | Secure Web programming workshop – continuing 3. Cross-site scripting flaws (10' lecture, 30' exercise) 4. Insecure Direct Object References (5' lecture, 15' exercise) | PB, TN | See above |
Short break 10 min. (11:1020-11:2030) | |||
11:2030-12:30 | Secure Web programming workshop – continuing 5. Security misconfiguration (5' lecture, 15' exercise) 6. Sensitive data exposure (5' lecture, 15' exercise) 7. Missing function level access control (5' lecture, 15' exercise) | PB, TN | See above |
Lunch break 1h min. (12:30-13:30) | |||
...
Time | Subject | Expert | Remarks |
13:30-14:4530 | Secure Web programming workshop - continuing 8. Cross-Site Request Forgery (CSRF) (5' lecture, 15' exercise) 9. Using components with known vulnerabilities (5' lecture, 15' exercise) 10. Unvalidated redirects and forwards (5' lecture, 15' exercise) | PB, TN | See above |
| 14:30-14:45 | Short lecture with worshop summary
| TN | |
Short break 15 min. + preparation to HackMe (14:45-15:10) | |||
15:10-17:00 | HackMe | PB, TN | HackMe contest |
...