OWASP Security Workshop 2024
At Udemy we had a two-day workshop/game given a couple of times a year for anyone who wanted to join. It was a fun way of introducing penetration testing to web application developers. As developers, we may know to use the right database library that prevents things like an SQL injection, but do we really ever get to experience a real SQL injection? So we review the top 10 web vulnerabilities, put on our hacker hats and practice penetration testing.

There is a great project called the OWASP Juice Shop that is a modern PHP web app, full of vulnerabilities. Even better, the app has an area that describes specific challenges and keeps track of your progress.

I have adapted my own version of running this workshop. It's low overhead and can be done both as a group and individually, self-directed. I ran the workshop over a day with the development team while working at Populus. It went well and I got some valuable feedback. I plan to repeat this tradition at future workplaces and will continue to refine it each time.

TODO: post actual workshop instructions here