Java Web Application Security and Frameworks Built-in Defensible Techniques


“Security against defeat implies defensive tactics; ability to defeat the enemy means taking the offensive. " -- Sun-tzu , The Art of War.

Building a secure web application has become a big challenge as developers focus only on the functionality and don't care about security. Moreover, many of them are not aware of the frameworks' built-in defensible techniques. From a testing perspective, black box testers should also be familiar with the tested web application frameworks.
This session will help Java™ web developers secure their applications and apply best practices with regard to secure coding. During the session we will look at a specific pieces of code, identify security flaws, implement fixes for the flaws found on the OWASP Top 10 and CWE/SANS Top 25 and learn the most efficient and effective process to integrate security into the existing software devel­opment lifecycle.

04:30 pm to 06:00 pm
Experience level: 
Average: 5 (5 votes)
Average: 5 (3 votes)
Time allocated: 
Average: 3 (2 votes)