What to bring:
This class will teach you how to win over security compromise, and how to accurately access the security of a web application.
Want to design a web application capable of thwarting current and future threats? The ability to protect the confidential data exposed by your web application lies within an understanding of the foibles of the web medium. Incorporating techniques capable of addressing your client's security requirements and protecting against targeted attacks, without hefty compromises of functionality, is almost an art form. This course exposes the pitfalls of web application design and addresses the real issues in stopping future attackers.
No other class has taught exploit development at this level.
We will cover:
- Best practices in secure web application design
- Understanding the reasons behind web exploitation
- Preventing automated attacks.
Who Should Attend:
Technical development team leaders and project managers responsible for design and production of web applications, in addition to security professionals responsible for the assessment of web applications and providing best practice advice.
- Technical Developers
- QA and internal testing department personnel
- Application architects.
What will be provided:
Printed course manual, a CD ROM containing best-of-breed tools and background whitepapers.
General network and development experience.
Course Length: 2 days
Cost: EUR 1,400 on or before 19 April 2004, or EUR 1,600 after 19 April 2004
NOTE: this is a two day course. A Black Hat Certificate of Completion will be offered.
Professional Services Director, Next Generation Security Software Ltd.
Gunter Ollmann has over 10 years hands-on experience developing and managing secure systems, and over 5 years experience in providing cutting-edge security consultancy advice from an 'attack' perspective. At NGS he is responsible for the design and delivery of world-leading professional security services, ensuing his clients receive the best security advice backed by NGS's "best in the world" research team, bug hunters, and penetration testers. Formerly the manager of ISS' X-Force Security Assessment Services throughout Europe, the Middle East and Africa, he was responsible for the delivery of all 'attack' based service offerings to many of the worlds top organisations.
With a long history in software development and networking dating to pre-Internet and BBS days, he has learnt the hard way just what it takes to design and build secure systems, and how to apply security to real business environments. His specialities include secure web application & architecture design, penetration testing and operational security management. This experience combined with his security research has led Gunter to develop numerous authoritative security whitepapers. As a regular contributor to various security magazines, including SC Magazine, he is a frequent presenter at well known security conferences.