Session 1 - Security in Your Code Defines the Future
Speaker: Marcus Murray
Internationally recognized security expert, Marcus Murray, will share his insights in the world of cyber security as today's Keynote.
In this baffling keynote you will not only see a shocking live demo that shows how a vulnerability in your application can compromise an entire IT-environment, but you will also learn about some of the latest and greatest security breaches, trends and how the landscape of cyber threats is changing in a way that concerns developers more than ever before!
Vulnerabilities in code is one of the key reasons why organizations get hacked today. Your ability to write secure code will define the future!
Session 2 - Security in web apps
Speakers: Fabio Viggiani
Did you know that cybercriminals out there can compromise your web applications and servers with nothing more than a web browser and a few publically available tools?
In this demo-oriented web hacking and secure development session, Fabio Viggiani, leading web-application and pen test expert, will show you how hackers exploit vulnerabilities in web apps today, the possible consequences of a breach, and he will point you towards the right solutions and the proper mindset to prevent cyber attacks.
Session 3 - Secure coding patterns
Speaker: Andreas Hallberg
You’ll learn how to make the concept of “trust” a first class citizen in your code, and know what to look for when reviewing code for security vulnerabilities.
Secure coding patterns will make your code cleaner, more robust and less likely to cause your application’s user table to be uploaded to Flashback.
Session 4 - Full disclosure – rootpipe in OS X
Speaker: Emil Kvarnhammar
In this session Emil will disclose all details of the rootpipe vulnerability, and explain why it’s different from many other privilege escalation bugs. You’ll see how attackers find vulnerabilities in your code, even if they only have access to binaries. This is a security issue that took more than six months for Apple to patch!.
Session 5 - Where and how do we build our app
Speakers: Emil Kvarnhammar
Many modern application developers make use of third party dependencies and build servers during development before finally signing their applications to be published. How do you know that the third party code is secure and that you are in fact running the code you actually intended to?
Session 6 - Protecting your app data from attackers
Speaker: Sebastian Olsson
Is your app dealing with sensitive or even confidential data?
Your secure app needs to handle many possible attack vectors like network eavesdropping/MiTM, data extraction from backups, storage access through trojans, heap dumps, unauthorised access to server data etc.
This session presents secure practices in app development.
Session 7 - File upload – Inviting the Vampires
Speaker: Stefan Ivarsson
There’s something rotten in the state of file upload. We routinely find vulnerabilities in third-party components and customers’ file upload code.
In this session we show you the common mistakes, how hackers can bypass seemingly rock-hard file-upload defenses, and how to properly secure your snazzy file upload component.
Have you watched all videos? Develop you skills further on
Some people have to practice new knowledge hands-on, to learn for real. Check out the practical IT security trainings that the speakers offers at LabCenter.