JAX DevOps, 14-17 April 2019
The Conference for Continuous Delivery, Microservices, Docker & Clouds

Workshop: How to master your offensive security toolstack

Blind Bird: Only till Dec. 20th
✓ Save up to £ 700 ✓ Special team discounts Register now »
Booking note:
Web Security Workshop

In this hands-on penetration testing workshop, we’ll attack the training web app to take on the role of a pen tester one step at a time. You’ll learn how to work with professional security tools through a range of practical tasks. You’ll also learn pen testers’ general approach for attacking web apps. Of course, we’ll also deal with defensive measures for protecting the security holes found. However, our focus will remain on the systematic use of professional hacking tools for carrying out security analyses. 

As a second objective of this workshop, you will learn what type of security checks can be automated and how this DevOps-style automation of security checks within build chains is best done.

Once you’ve completed this workshop, you’ll have practical experience of carrying out manual and automated attacks on web apps. You can transfer these skills to your own software development work and increase the security of your projects in the long-term.

During the course we will attack a prepared demo web-application using tools and techniques available in the Kali Linux VM. Aside from finding vulnerabilities inside this demo application, we will also use tools to escalate them into even more critical vulnerabilities during post-exploitation. 

Aside from manually using the security tools to find and exploit security vulnerabilities, most of them can also be utilized in fully automated ways, being a nice fit into DevOps architectures to enrich CI/CD pipelines with security checks.

Behind the Tracks

the process of becoming fully agile
Cloud-based & native apps
Docker, Kubernetes, Mesos & Co
Build, test and deploy agile
Maximize development productivity