[Owasp-boston] Limited Time Discount for OWASP Boston Hosted Training

OWASP Boston boston at owasp.org
Fri Apr 14 15:37:00 UTC 2017


Hi Folks,

Our Veterans, Active Military and Law Enforcement free spots, generously
provided by the trainer have been all claimed.  We'd love to be able to
open a 2nd round of free spots to others but to do so, WE NEED YOUR HELP in
making sure this class runs with paid seats!

*DISCOUNT #1 - OWASP MEMBERS $50 OFF*

To get the OWASP rate itself, the signup asks for your OWASP Member number,
available at: https://myowasp.force.com

*DISCOUNT #2 - Until May 1st, Group Discounts of $50 OFF EACH student!*

All registrants must pay via the same method, and its valid for 6 or more
registrants at once. The $50 discount will be applied to each of the group
registrants. Please don't email us asking if you can pay with different
credit cards.  Its a group discount to encourage group signups.

Please help us make sure that the Boston Tactical DevSecOps class runs!

More details below on the training.

Thanks,
Mike

This three-day course is designed to improve a person’s skills with
manually testing web applications and monitoring the resulting logs. This
course is focused on providing both testing and detection skills for
attendees. The training is structured as a hands-on proficiency course,
such that IT professionals of all skill levels should benefit. The course
leverages the Samurai WTF environment as a test lab, and primarily focuses
on the skillful use of interception proxies (Burp or ZAP) to efficiently
perform tests. It also helps build detection and monitoring techniques to
discover attacks against your web applications and infrastructure. The
course culminates with a live-fire capture the flag that focuses on both
testing the target application as well as reviewing real-world application
logs for attacks.

- Injection Attacks

   OS Command Injection


   SQL Injection


   Other type of Injection

- Automated Scanners

   Fingerprinting


   Components with Known Vulnerabilities


   Critical Skills: Optimizing Automated Scans

- Testing Web Services

   Web Services Overview


   Tools for testing Web Services


   Critical Skills: Running Web Services


   Web Service Vulnerabilities - XML External Entity (XXE)

- Monitoring Implementation

   Infrastructure


   Event logging and analysis


   ModSecurity

- Monitoring, Analysis & Tuning

   Log review


   Tuning and signature development

- Response

   Preparing for an incident


   Finding signs of compromise

- Student Scavenger Hunt Challenge

Student Knowledge and Computer Requirements
Students will need laptops with VMWare installed and licensed (VMWare
Player is fine), a minimum of 4GB RAM and 50GB free disk space. They should
come to class with at least a high level understanding of basic network and
web concepts, including: IP Addresses, Sockets and Ports, HTTP, HTML and
Javascript. We strongly recommend you have ready access to Administrator
rights if needed so you can change settings/disable firewall, tone down
Antivirus etc. if needed.

NOTE: Lunch is not provided nor included. There is a cafeteria on site with
some menu options available for purchase. Light breakfast (e.g., bagels,
fruit and coffee each morning) is generously being provided by Dun &
Bradstreet!

We have met our allowance for free tickets for US Veterans, Active Military
and Law Enforcement as of April 12th. We thank all our Veterans, Active
Military, and Law Enforcement for their service!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20170414/8b695a47/attachment.html>


More information about the Owasp-boston mailing list