Black Hat USA 2009 Weekend Training Session

July 25-26

Building Secure Web 2.0 Services

Aspect Security

Overview

Aspect Security offers a two day course titled Building Secure Web Services designed to focus on the most important messages regarding the development of secure web services. The objective for this course is to ensure that developers understand the real risks associated with Web Services, what standards are available to help, and how to use the standards. The course includes a combination of lecture, demonstrations, and exercises designed to provide broad guidance regarding the implementation of specific security principles and functions in the web services security arena.

Audience:

The intended audience for this course is:

• Web service developers
• Service architects
• Web service quality assurance/testers
• Security specialists

Trainer:

Aspect Security has been working with development teams around the country for years to help them identify, diagnose, and address security issues throughout the application development lifecycle. Through these efforts, they have learned the key practices that development and project managers, and key support personnel must know to achieve secure applications.

Aspect’s instructors are full-time application security specialists that spend the majority of their time working with clients to secure the nation’s most critical applications. Leveraging this practical experience brings the class to life. Students will gain valuable insight into lessons learned from other development organizations. Our instructors also make themselves available to you for application security questions after the course is complete. Aspect is a Founding OWASP Member and supports several OWASP projects. In particular, Aspect conceived the OWASP Top Ten project and led the effort to build the document. We also built WebGoat and Stinger and donated them to the OWASP effort. Aspect personnel assist with the management of the OWASP Foundation and help run the OWASP AppSec conference series.

Jason Li is a remarkable trainer, mastering five different training courses within a year’s time to our most valuable longstanding but diverse clients. The client base included a large financial institution, several leading shipping and logistics Management Company, and a leading Government systems integrator. Jason has also taught Advanced Web Application Security Testing and Building Secure Web Applications classes at OWASP 2008 conferences in Belgium and India. Common remarks returned from Jason’s class evaluations include “This is probably one of the most important classes I‘ve been exposed to here” and “One of the best instructors I’ve ever had. Really knowledgeable of the subject. Kept class interested by sharing real life examples that depicted good scenarios”

Super Early: Ends Mar 15	Early: Ends May 1	Regular: Ends Jul 1	Late: Ends Jul 22	Onsite:
$2000	$2100	$2300	$2500	$2800