Loading…
Attending this event?
The virtual training classes are 8 hour courses offered in 4-hour blocks over two days. The trainings will begin at 12:00pm MSK (UTC + 3)

OWASP Members save $50 off the cost of a training course. Email events@owasp.com for your member discount code. If you are not an OWASP Member, please consider joining here.

REGISTER HERE FOR TRAINING

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Intermediate [clear filter]
Tuesday, June 15
 

12:00pm MSK

Hacking Android and IoT apps by Example
This course is the culmination of years of experience gained via practical penetration testing of mobile applications as well as countless hours spent in research. We have structured this course around the OWASP Mobile Security Testing Guide (MSTG) and relevant items of the OWASP Mobile Application Security Verification Standard (MASVS), so this course covers and goes beyond the OWASP Mobile Top Ten. This course provides participants with actionable skills that can be applied immediately from day 1.

Please note our courses are 100% hands-on, we do not lecture students with boring bullet points and theories, instead we give you practical challenges and help you solve them, teaching you how to troubleshoot common issues and get the most out of this training. As we try to keep both new and advanced students happy, the course is very comprehensive and we have not met any student able to complete all challenges during the class, therefore training continues after the course through our frequently updated training portal, for which you keep lifetime access, as well as unlimited email support.

Each day starts with a brief introduction to the mobile platform for that day and then continues with a look at static analysis, moves on to dynamic checks finishing off with a nice CTF session to test the skills gained.

Day 1: Focused specifically on Android: We start with understanding applications and then deep dive into static and dynamic analysis of the applications at hand. This day is packed with hands-on exercises and CTF-style challenges.

Speakers
avatar for Abraham Aranguren

Abraham Aranguren

7ASecurity
After 13 years in ITsec and 20 in IT Abraham is now the CEO of 7ASecurity (7asecurity.com), a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other even... Read More →


Tuesday June 15, 2021 12:00pm - Wednesday June 16, 2021 4:00pm MSK
Zoom - UTC +3

12:00pm MSK

Hacking Modern Desktop apps: Master the Future of Attack Vectors
This course is the culmination of years of experience gained via practical penetration testing of Modern Desktop applications as well as countless hours spent doing research. We have structured this course around the OWASP Security Testing Guide, it covers the OWASP Top Ten and specific attack vectors against Modern Desktop apps. This course provides participants with actionable skills that can be applied immediately from day 1.

Please note our courses are 100% hands-on, we do not lecture students with boring bullet points and theories, instead we give you practical challenges and help you solve them, teaching you how to troubleshoot common issues and get the most out of this training. Training then continues after the course through our frequently updated training portal, for which you keep lifetime access, as well as unlimited email support.

Each day starts with a brief introduction to the Modern platform (i.e. Node.js, Electron) for that day and then continues with a look at static analysis, moves on to dynamic checks finishing off with a nice CTF session to test the skills gained.

Day 1: Focused on Hacking Modern Desktop Apps: We start with understanding Modern Desktop apps and various security considerations. We then focus on static and dynamic analysis of the applications at hand. The day is filled with hands-on exercises ending with a CTF for more practical fun.

Speakers
avatar for Abraham Aranguren

Abraham Aranguren

7ASecurity
After 13 years in ITsec and 20 in IT Abraham is now the CEO of 7ASecurity (7asecurity.com), a company specializing in penetration testing of web/mobile apps, infrastructure, code reviews and training. Security Trainer at Blackhat USA, HITB, OWASP Global AppSec and many other even... Read More →


Tuesday June 15, 2021 12:00pm - Wednesday June 16, 2021 4:00pm MSK
Zoom - UTC +3

12:00pm MSK

Secure your SDLC using OWASP SAMM - ASAP!
Building security into the software development and management functions of a company can be a daunting task. There are many variables in the equation: company structure, different stakeholders, technology stacks, tools and processes, and competing priorities. Implementing software assurance can have a significant, positive impact on the organization. Yet, trying to achieve this without a good framework is likely to produce only marginal and unsustainable improvements. The OWASP Software Assurance Maturity Model provides a structural and measurable framework to overcome this challenge. It enables you to formulate and implement a strategy for software security that is tailored to the risk profile of your organization.

This 8-hour training - delivered as a mix of presentation, discussion, and interactive workshop - is intended for CSOs, directors, security architects, security analysts, and other application security professionals with responsibility for improving your organization's security posture. You will leave with an in-depth understanding of OWASP SAMM, pragmatic steps and tools for increased agility and compliance, and a template to kickstart your Application Security Assurance Program. Protect the confidentiality, integrity and availability of your data by implementing an application security assurance program in your organization - ASAP!

Speakers
avatar for John Ellingsworth

John Ellingsworth

Security Principal, Ellingsworth
John Ellingsworth is a security principal at a global company where he helps software development teams build and deliver secure enterprise solutions. When not collaborating on secure software solutions, he can often be found outdoors with his family - and probably scaling mountains... Read More →


Tuesday June 15, 2021 12:00pm - Wednesday June 16, 2021 4:00pm MSK
Zoom - UTC +3