| From | lucas.ferreira@gmail.com.remove-dii-this |
|---|---|
| Subject | OWASP Summit Java securit |
| Message-ID | <ac5a5f84-78fc-4798-b834-196fc0d2a45b@v16g2000prc.googlegroups.com> (permalink) |
| Newsgroups | comp.lang.java.security |
| Date | 2011-04-27 16:08 +0000 |
| Organization | TDS.net |
To: comp.lang.java.security

Hello all,

if you deal with Java-based web applications you might be interested in attending OWASP Summit (https://www.owasp.org/index.php/OWASP_EU_Summit_2008) and specifically to attend the "Secure programming with Java" training session (https://www.owasp.org/index.php/OWASP_EU_Summit_2008_Training#Secure_Programming_with_Java).

This training class will present best practices of secure programming in the Java language. It includes Java-specific practices (i.e. how to avoid problems that arise from the compilation of Java source code to the bytecode language used by the JVM) and practices that may arise in other programming languages (with examples in Java). Some tools that may be used to verify the security of Java code and systems will be demonstrated.

The topics include a quick overview of the OWASP Top 10, in order to contextualize the practices presented, and several best practices aimed at the different software layers. At the presentation layer, we focus on input validation, access control issues and dealing with exceptions. At the business objects layer, the practices deal with cloning and serialization issues. Practices to prevent command injection are presented at the persistence layer. Practices that should be used throughout all the software are also presented, including input data validation, class and method visibility, using and storing secrets, dealing with inner classes, overflows and boxing, and object initialization.

Regards,

Lucas