AppSec USA 2016 has ended
Back To Schedule
Wednesday, October 12 • 9:00am - 5:00pm
Training Session - AppSec Safari (1 Day)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tired of reading about vulnerabilities or seeing screen captures of other people landing the big one? Join our AppSec Safari and go toe-to-toe with an application. Track a bug through multiple fields and feel the triumph of exploiting the flaw yourself!

The Safari will take you on a guided tour of cross-site scripting, SQL injection, privilege escalation and more. We’ll present a refresher on each vulnerability type, provide example exploits and turn you loose on a real application hosted in a local test environment. We’ll give hints as needed to maximize your chances of success. If you get ahead of the group, build your skills by chasing vulnerabilities we’ve hidden in the environment.

If you’re an application developer or security practitioner who is looking to solidify your theoretical knowledge, join our safari. Bring a laptop with an Ethernet port that is capable of running a Kali live image, or have the following tools installed: ZAP, sqlmap, MySQL client, Remote Desktop client.

avatar for Mark Hoopes

Mark Hoopes

Senior Application Security Engineer, Aspect Security
Mark Hoopes has been working in enterprise IT delivery for nearly 20 years in an assortment of roles including development, project management, and major incident management. He found his niche in application security and has been effectively on vacation ever since. Throughout his... Read More →
avatar for Jason Li

Jason Li

Director, Aspect Security
Jason Li is a Director at Aspect Security where he provides application security consulting services including penetration testing, code review, security control analysis, and threat modeling. He is heavily involved in OWASP having previously chaired the OWASP Global Projects Committee... Read More →

Wednesday October 12, 2016 9:00am - 5:00pm EDT
Meeting Room 10