Secure Coding Dojo

Presented at Global AppSec - DC 2019, Sept. 12, 2019, 11:30 a.m. (45 minutes)

The Secure Coding Dojo is a platform for delivering security training for developers. The platform is created for development organizations of all sizes: from university classrooms to large enterprises. While open source web applications that teach software security concepts are not new, the Secure Coding Dojo is not another vulnerable website. It is a training platform which can be customized to integrate with vulnerable applications and other CTF challenges. Join this session to see the Dojo in action and learn how it can revolutionize application security training in a development organization.

Here are some of the topics that will be covered:

  • Open source project history and evolution
  • Predefined training apps: Insecure.Inc, Hacker's Den, Security Code Review Master
  • Deploying with Docker or building the environment from scratch
  • Auth integrations with Slack, ADFS SAML and LDAP
  • Extending and customizing the platform

Check out the project links:

  • <https://github.com/trendmicro/SecureCodingDojo>
  • <https://www.owasp.org/index.php/OWASP_Secure_Coding_Dojo>
  • <https://hub.docker.com/u/securecodingdojo>

Presenters:

  • Paul Ionescu - Trend Micro
    Paul Ionescu is a Security Architect and R&D Security Leader at Trend Micro and also an OWASP Ottawa Chapter Co-Leader. Over the past decade, Paul has worked in various areas of software security. He was a developer for the AppScan application security testing suite, formed and led the IBM X-Force Ethical Hacking Team of pen-testers, conducted security research, authored security articles and was instrumental in building large-scale application security programs. Nowadays Paul is focusing on integrating all areas of security into a dynamic DevOps SDLC while ensuring compliance with industry and government standards. He also continues to be involved with company-wide projects such as software security education, security testing, vulnerability response, and compliance. Paul is also actively involved in the development of open-source projects. He is the creator and principal maintainer of the training platform Secure Coding Dojo and also a principal contributor to the HTTP BlackOps security testing tool.
