[ OWASP - Montreal ] Training : Integrating security in a webapp project: from the idea to going live

Philippe Gamache (OWASP) philippe.gamache at owasp.org
Mon Feb 13 15:38:20 UTC 2012


Bonjour,

Bonne question! Ce sera selon les gens inscrits... S’il y a des anglophones, ce sera en anglais, si tout le monde est bilingue ou francophone, la présentation sera en français avec la documentation en anglais. La raison, c'est qu'elle sera aussi présentée à Ottawa la journée précédente.



On 2012-02-13, at 10:23 , patrick.leclerc at gmail.com wrote:

> Bonjour Philippe,
> 
> Est-ce que les présentations seront en français ou en anglais?  Je passe le mot pour voir si on aurait pas une petite délégation de la ville de Quebec...
> 
> Salutations,
> 
> Patrick
> 
> Sent from my BlackBerry.
> 
> -----Original Message-----
> From: "Philippe Gamache (OWASP)" <philippe.gamache at owasp.org>
> Sender: owasp-montreal-bounces at lists.owasp.org
> Date: Fri, 10 Feb 2012 13:10:41 
> To: <owasp-montreal at lists.owasp.org>
> Subject: Re: [ OWASP - Montreal ] Training : Integrating security in a
> 	webapp project: from the idea to going live
> 
> We'll have a meeting that night... 
> 
> On 2012-02-10, at 12:57 , Philippe Gamache (OWASP) wrote:
> 
>> Integrating security in a webapp project: from the idea to going live
>> 
>> =======================================================
>> 
>> Concept: A 1-day training covering 3 major topics related to integrating security in a software development project: - good practices and tools at design stage (security requirements, secure design, threat modeling) - good practices and tools at implementation stage (secure coding practices and code review) - good practices and tools at verification stage (security validation)
>> 
>> The entire training will follow a red-line based on a real-life HR web application project in which we will manage security and privacy aspects. Students will cover the entire lifecycle of the application, from analysis to deployment, and integrate good practices and tools based on OWASP material.
>> 
>> Trainers: - Antonio Fontes, Switzerland - Philippe Gamache, Canada - Sébastien Gioria, France
>> 
>> Course format: - The training is composed of three modules, each consisting of three 45-minutes blocks (total: 9 blocks) - Each module includes three blocks: theory, hands-on, validation/debriefing.
>> 
>> Schedule: - 8:45-9:30, 9:40-10:25, 10:30-11:15 -> "design" module - 11:30-12:30 -> lunch - 12:45-13:30, 13:35-14:20, 14:25-15:10 -> "implementation" module - 15:10-15:40 -> cookie break - 15:40-16:25, 16:30-17:15, 17:20-18:05 -> "verification" module - 18:10 -> closing session (debriefing/conclusions)
>> 
>> We expect students to arrive around 8am and be able to leave around 6:30/7pm
>> 
>> Pre-requisites (required skills and material): - Bring your own laptop (recommended: dual-core system running VMWare/Virtualbox) - Experience in web application development (hands-on will be in JAVA but do not require in-depth knowledge of the language) - Understanding of a web application project lifecycle - Understanding of well-known web application attacks (Top 10 attacks)
>> _______________________________________________
>> Owasp-montreal mailing list
>> Owasp-montreal at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-montreal
> 
> _______________________________________________
> Owasp-montreal mailing list
> Owasp-montreal at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-montreal



More information about the Owasp-montreal mailing list