[ OWASP - Montreal ] OWASP Montreal - November 20th - Secure Code Review - OWASP TOP 10

Philippe Gamache (OWASP) philippe.gamache at owasp.org
Thu Oct 18 00:23:23 UTC 2012


OWASP Montreal - November 20th - Secure Code Review - OWASP TOP 10

	• MAIN PRESENTER: Sherif Koussa
	• ABSTRACT: Secure Code Review is the best approach to uncover the largest number ofsecurity flaws in addition to the most stealth and hard to uncover security vulnerabilities. During this session, you will learn how to perform security code review and uncover vulnerabilities such as OWASP Top 10: Cross-site Scripting, SQL Injection, Access Control and much more in early stages of development. You will use a real life application "SecureTickers" pulled from SourceForge. You will get an introduction to Static Code Analysis tools and how you can extend PMD (http://pmd.sourceforge.net/), the open source static code analysis tool, to catch security flaws like OWASP Top 10. Expect lots of code, tools, hacking and fun! *(Please note that the exercises will be mainly in Java.)
	• WHEN: November 20th, 2012
	• WHERE: TBA
	• REGISTRATION: Registration NOT mandatory.
	• SPONSORS: This meeting as no sponsor
	• PROGRAM:
 18:00-18:30 Networking
 18:30-18:45 Welcome speech by Chapter Leader (Philippe G.)
 18:45-19:45 Main presentation: Secure Code Review - OWASP TOP 10
 19:45-20:00 Open discussion
 20:00-...   End of the meeting in a pub



More information about the Owasp-montreal mailing list