Kim will take ISIG through the [collection of tools](https://f0.holisticinfosecforwebdevelopers.com/chap05.html#tooling-setup) added and configured on his penetration testing machine used throughout his book series ([Holistic Info-Sec for Web Developers](https://www.holisticinfosecforwebdevelopers.com)). Kim will then profile a well known celebrities password, creating a short-list, then (on-line) brute force their login. Come along, it’ll be fun.
Your Development Team(s) are struggling to create secure software. Your business is paying too much for security reviews, and penetration testing at the end of the project.
Your customers want to be certain that their personal data is secure. You could be saving significant expenditure on security and software development in general.
You need to be sure that what your development team(s) are creating is going to withstand the onslaught of those tasked with breaking your deliverables, and stealing your customers data.
Your customers want to be certain that their personal data is secure. You need your product to stand-up to those that are going to attack it.
Carl and Richard talk with Kim Carter about his experience in helping developers grasp information security and successfully employ it within their teams.
Kiwicon hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers better, stay ahead of them and create cost effective defence strategies.
Kim talks with his fellow Toastmasters about profiling peoples passwords and then brute forcing web applications with the shortlist of guessed passwords..
At CampJS, Melbourne, Australia: Join Kim in the exploration into an insightful set of steps he has learned, from an architectural perspective down to the zeros and ones. Also providing insights of how attackers of your systems think.
At OWASP NZ Day: What are we doing with all the characters that get shoved into our applications? Have we considered every potential execution context?