Mastering the 2022 OWASP Top Ten with Jim Manico

Dive deep into the latest web application security threats with a 2-day masterclass led by Jim Manico, a globally recognized expert in secure coding and application security.

  • Jan 20
    This course will also be held at NDC Security 2025
    13 490 NOK

This masterclass is designed for developers, security professionals, and technical leads who want to master the 2022 OWASP Top Ten and learn effective strategies to mitigate these critical security risks.

Agenda:

Day 1: Understanding the 2022 OWASP Top Ten

Session 1: Introduction to OWASP and the 2022 Top Ten
- Overview of OWASP and its mission
- Introduction to the 2022 OWASP Top Ten: What it is and why it matters
- The impact of the Top Ten on modern web applications

Session 2: Broken Access Control (A01:2022)
- Understanding access control vulnerabilities
- Real-world examples and case studies
- Defensive coding techniques to prevent broken access control

Session 3: Cryptographic Failures (A02:2022)
- Common pitfalls in implementing cryptography
- Best practices for secure cryptographic storage and transmission
- Case studies of cryptographic failures and their impacts

Session 4: Injection (A03:2022)
- SQL, NoSQL, and command injection explained
- Real-world examples and case studies
- Defensive coding techniques to prevent injection attacks

Session 5: Insecure Design (A04:2022)
- Principles of secure software design
- Identifying and mitigating design flaws early in the SDLC
- Case studies on insecure design

Day 2: Advanced Defense Strategies for the 2022 OWASP Top Ten

Session 6: Security Misconfiguration (A05:2022)
- Common security misconfigurations and their impacts
- Best practices for secure configuration management
- Automating security configuration checks

Session 7: Vulnerable and Outdated Components (A06:2022)
- Risks of using outdated or vulnerable components
- Strategies for managing component security
- Tools and techniques for maintaining up-to-date dependencies

Session 8: Identification and Authentication Failures (A07:2022)
- Implementing robust authentication mechanisms
- Secure session management practices
- Multi-factor authentication (MFA) and its importance

Session 9: Software and Data Integrity Failures (A08:2022)
- Ensuring the integrity of software and data
- Techniques for securing software supply chains
- Real-world examples of integrity failures and mitigation strategies

Session 10: Security Logging and Monitoring Failures (A09:2022)
- Importance of effective logging and monitoring
- Best practices for logging and monitoring setup
- Incident detection and response strategies

Session 11: Server-Side Request Forgery (SSRF) (A10:2022)
- Understanding SSRF vulnerabilities
- Real-world examples and impacts of SSRF attacks
- Defensive coding and configuration practices to prevent SSRF

Takeaways:

Participants will leave this masterclass with a comprehensive understanding of the 2022 OWASP Top Ten and practical skills to secure their applications against these critical vulnerabilities. Each attendee will receive detailed course materials, hands-on labs, and a certificate of completion.

Jim Manico
CEO, Manicode Security

Jim Manico is the founder of Manicode Security where he trains software developers on secure coding and security engineering. He is also an investor/advisor for KSOC, Nucleus Security, Signal Sciences, and BitDiscovery. Jim is a frequent speaker on secure software practices, is a Java Champion, and is the author of 'Iron-Clad Java - Building Secure Web Applications' from Oracle Press. Jim also volunteers for OWASP as the project co-lead for the OWASP ASVS and the OWASP Proactive Controls.

    Programutvikling uses cookies to see how you use our website. We also have embeds from YouTube and Vimeo. How do you feel about that?