[ OWASP - Montreal ] OWASP Montreal - November 20th - Secure Code Review - OWASP TOP 10

Philippe Gamache (OWASP) philippe.gamache at owasp.org
Tue Nov 20 05:30:52 UTC 2012



OWASP Montreal - November 20th - Secure Code Review - OWASP TOP 10

	• MAIN PRESENTER: Sherif Koussa
	• ABSTRACT: Secure Code Review is the best approach to uncover the largest number ofsecurity flaws in addition to the most stealth and hard to uncover security vulnerabilities. During this session, you will learn how to perform security code review and uncover vulnerabilities such as OWASP Top 10: Cross-site Scripting, SQL Injection, Access Control and much more in early stages of development. You will use a real life application "SecureTickers" pulled from SourceForge. You will get an introduction to Static Code Analysis tools and how you can extend PMD (http://pmd.sourceforge.net/), the open source static code analysis tool, to catch security flaws like OWASP Top 10. Expect lots of code, tools, hacking and fun! *(Please note that the exercises will be mainly in Java.)
	• WHEN: November 20th, 2012
	• WHERE: École de technologie supérieure, 1100, rue Notre-Dame ouest, Montréal, Room: A-1150
	• REGISTRATION: Registration NOT mandatory.
	• SPONSORS: This meeting as no sponsor
	• PROGRAM:
18:00-18:30 Networking
18:30-18:45 Welcome speech by Chapter Leader (Philippe G.)
18:45-19:45 Main presentation: Secure Code Review - OWASP TOP 10
19:45-20:00 Open discussion
20:00-...   End of the meeting in a pub



More information about the Owasp-montreal mailing list