Request a Demo
Recorded November 8, 2017

Secure Development Lessons from Purposely Insecure Applications

Security pros and developers often use insecure apps to teach or demonstrate application vulnerabilities. Previously, there hasn't been a 'secure' example application for developers to model from.

Let's change that. In this Modern Security Series Episode, we get hands on with the latest insecure applications. Join Jason White as he provides live examples and lessons learned from hacking multiple insecure applications, including WebGoat and more.

Watch the Webinar

About This Modern Security Series Episode

Security pros and developers often use insecure apps to teach or demonstrate application vulnerabilities. The main activity is 'hacking' or showing how exploiting a given vulnerability works. WebGoat was (as far as we know) the first purposely insecure app for teaching web application security. Many other goats' can have also come about and now we even have a Juice Shop. Until now, there is no purposely secure [example] application for developers to model from. So, let's work with what we have and pull out some some secure coding and secure SDLC lessons from the insecure applications.

Speakers

Jason White

Application Security Consultant  |  Astech Consulting

Jason spent over 15 yrs as a developer, much of it interested in security (web application and network). His coding experience is with Java, .Net, the trinity of CSS/HTML/Javascript amongst some other languages and platforms.  He now spends his days as an Application Security Consultant and trainer with AsTech. His interest and focus is on educating and facilitating secure coding for developers. Jason has been contributing to OWASP as a developer on WebGoat since 2014. His next ambition is to build a platform for developers to learn to remediate insecure code (not just break it).

James Wickett

Head of Research  |  Signal Sciences

Often found at the intersection of DevOps and security, James is the creator of gauntlt and the author of DevOps Fundamentals — a course on Lynda.com and LinkedIn Learning.

securedevelopmentlessons_full-preview.jpg

About the Modern Security Series

The Modern Security Series by Signal Sciences brings the best technologists around to present on modern security practices and approaches ranging from AppSec to DevOps.

Come each month and enjoy a fun and friendly presentation by some of the world’s foremost experts on topics that are shaping our industry for the future.

Upcoming Modern Security Series Episodes

The world’s top companies trust Signal Sciences.

under armour duo adobe datadot aera technology fullstory booktopia plangrid