Versions Compared

Old Version 22

changes.mady.by.user Nikola Gacesa

Saved on

compared with

New Version Current

changes.mady.by.user Andjela Arsovic

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section


Column
width50%


Panel
borderColor#ebfffc
bgColor#ebfffc
titleColorWHITE
titleBGColor#77d1db
titleSecure Coding Training 2023 (SCT23)

"Secure Coding Training 2023"

Image Added


TOPICS:

  • How to design Continuous Integration and Continuous Development pipelines (CI/CD) with respect to Secure Development Life Cycle paradigm
  • Secure Programming in Python
    • Introduction 
    • Python gotchas
    • Secure coding practices 
    • Tools and conclusions
    • Practical workshop
  • Writing Hacker Proof Code - Files and Resources 
  • Writing Hacker Proof Code - Session Management
  • HackMe Contest



Panel
borderColor#ebeeff
bgColor#ebeeff

ATTENDED BY:

Status
colourGreen
title12
  INDIVIDUALS               
Status
colourBlue
title6
  NRENs







Section


Column
width50%


Panel
borderColor#ebfffc
bgColor#ebfffc
titleColorWHITE
titleBGColor#77d1db
titleSecure Coding Training 2022 (SCT22)

"OWASP ASVS as a source of security requirements"


TOPICS:

  • OWASP ASVS as a source of security requirements
  • Fuzz testing
    • Introduction and basic concepts
    • Overview of selected tools workshop introduction
    • Workshop
  • Writing Hacker Proof Code – Validation, Sanitization and Encoding
  • Writing Hacker Proof Code – Data Protection
  • Continuous Integration / Continuous Development and Secure Development Life Cycle
  • Review of the current freely available tools for static source code review
  • HackMe Contest



Panel
borderColor#ebeeff
bgColor#ebeeff

ATTENDED BY:

Status
colourGreen
title12
  INDIVIDUALS               
Status
colourBlue
title9
  NRENs





...

Section


Column
width50%


Panel
borderColor#ebfffc
bgColor#ebfffc
titleColorWHITE
titleBGColor#77d1db
titleSecure Coding Training 2021 (SCT21)

"Securing multi-domain systems"


TOPICS:

  • Popular attacks against Web applications workshop
  • Continuous Integration / Continuous Development and Secure DevelopmentLife Cycle
  • (ASVS based) Writing Hacker proof code – Authorization (Access control)
  • (ASVS based) Writing Hacker proof code – Authentication
  • (ASVS based) Writing Hacker proof code – Error handling and logging verification
  • HackMe contest



Panel
borderColor#ebeeff
bgColor#ebeeff

ATTENDED BY:

Status
colourGreen
title16
  INDIVIDUALS               
Status
colourBlue
title9
  NRENs


Panel
borderColor#ecffeb
bgColor#ecffeb
titleFrom the participants:

“High level of interest in most training topics”


"Scanning real source code and interpreting results is the most favored method of working directly with code"





...

Section


Column
width50%


Panel
borderColor#ebfffc
bgColor#ebfffc
titleColorwhite
titleBGColor#77d1db
titleSecure Coding Training 2019 (SCT19)

"Producing Bullet-Proof Software for your Infrastructure"


TOPICS:

  • OWASP Application Security Verification Standard v. 4.0
  • Implementing the most recent authentication and authorization methods
  • New or improved security tools for the developer teams


Panel
borderColor#ebeeff
bgColor#ebeeff

ATTENDED BY:

Status
colourGreen
title16
  INDIVIDUALS               
Status
colourBlue
title8
  NRENs


Panel
borderColor#ecffeb
bgColor#ecffeb
titleFrom the participants:

“Best practices (development, testing, deployment, workflows and concepts on type of attacks and some known/recent threats”


"More knowledge about GEANT project training resources, better knowledge about the state of projects participants skills"


"Knowledge, which was the main reason why I decided to participate. The training does not make me an expert in security, but it will help me in the future when it comes to security related issues" 

 

"Good concepts, info about best practices with tested examples. The subject is dense and the trainers made an effort to transmit these concepts in an easy and enjoyable way"




Column
width50%


Panel
borderColor#ebfffc
bgColor#ebfffc
titleColorWHITE
titleBGColor#77d1db
titleSecure Coding Training 2020 (SCT20)

"Different this time and... it is happening!"


TOPICS:

  • Secure programming in JavaScript 

    • JavaScript security issues

    • A crisis of Trust

    • Not hidden code

    • XSS vulnerability

    • Poor validation

    • Cryptless

    • Quality code

    • Weak types & poor code quality

  • Secure Code Training 

    • Threat modeling

    • Continuous Integration and Secure Software Development Life Cycle

    • HTTP Security Headers

    • Modern secure authentication and authorization mechanisms

    • The most popular attacks against Web applications

    • API Security


Panel
borderColor#ebeeff
bgColor#ebeeff

ATTENDED BY:

Status
colourGreen
title20
  INDIVIDUALS               
Status
colourBlue
title10
  NRENs


Panel
borderColor#ecffeb
bgColor#ecffeb
titleFrom the participants:





...