Fake Security - App Sec Myths People Believe
Let's get started debunking a few application security myths that we shouldn't believe...
Description
When facing the pressures of scope, budget, and schedule...some application security myths have developed.
There are few things we know about application development and producing system that are secure in the way that they are deployed, operated, and maintained.
We know that: Writing code is easy...but writing good code is hard
We know that: Adding security is easy...but finding the right balance between usability, effectiveness, and maintainability is hard
We are always trying to find that balance in development and security...
This course is an examination of a just a few myths that result in Fake Security. They contribute to a false sense of security and can sometimes leave your application easily vulnerable to attack.
We've tried to keep the lecture short and concise, giving you enough information to start evaluating your own applications and systems. While the topics covered here can get really deep...very quickly, we've tried to keep it at a high level. This with the hopes that we can reach a broad audience and bring value to managers, project leaders, and developers of all skill levels.
We'll cover topics like:
The Purpose of the OWASP Top Ten List
Avoiding Security Through Obscurity
Security Responsibilities in the Cloud
API Security
And more...
Who is this course for:
managers
project leaders
product owners
developers of all skill levels
Let's get started debunking a few myths that we shouldn't believe...
What You Will Learn!
- Learn about some common application security myths
- Get an overview of security issues facing applications
- Identify myths that your organization might believe in
- Increase the security and quality of your applications
Who Should Attend!
- Anyone Interested in Application Security
- Application Development Managers
- Project Managers
- Product Owners
- Developers