Source Code Review for Penetration Testers

BSidesLV 2013

Presented by: Andrew Wilson
Date: Wednesday July 31, 2013
Time: 10:00 - 13:50
Location: Florentine F
Track: Training Ground

Course Rationale

This course is designed to expose penetration testers to various approaches used in professional source code reviews. This course will not focus on specific vulnerabilities, but instead focus on strategies and tactics outlined in “The Art of Software Security Assessment” which have been vetted through the personal experience of the instructor. This is a hands-on workshop.

Prerequisites

A student should have prior exposure to testing dynamic applications, as well as exposure to programming languages.

Learning Outcomes

Upon successful completion of this course, students will be able to:

Andrew Wilson

Andrew Wilson is a Senior Security Associate for Stach & Liu. In this role, Andrew focuses mainly on application assessments and security training. His primary areas of expertise are application penetration testing, secure developer training and the design and implementation of secure applications. Prior to Stach & Liu, Andrew worked for 9 years as a senior .NET engineer building secure applications in a variety of industries. Andrew has worked extensively in higher education and banking fraud, and is a Microsoft MVP in Developer Security.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats