Breaking and Fixing Web Applications Security 2015

This rapid immersion class is for experienced Web application software developers who want to take a quick but deep dive into the biggest Web application security issues. The class is built extensively around a series of hands-on lab exercises in which the students first learn first-hand the details of today’s biggest Web application security defects and how to exploit them. This is immediately followed by a set of labs in which the students learn to remediate those same defects by implementing appropriate fixes in a JavaEE-based Web application. This rapid fire approach to breaking and then fixing the security on an actual Web application enables students to deeply understand and internalize the biggest security problems faced by today’s Web application developers.


Requirements: In order to be able to participate in the hands-on exercises, each student will need a laptop computer capable of running a VirtualBox-based Linux virtual machine (provided). We recommend all laptops have local application installation privileges, 8 Gb RAM, and another 20 Gb of disk storage available. If local application installation is not feasible, an installed current version of VirtualBox (www.virtualbox.org) is required to be installed prior to the class.