Content tagged as 'Workshop'

Here is a list of all the content that has been tagged as workshop.

Workshop - Building Security Into Your Development Teams

Few organisations understand the secrets of shifting the focus on security from late in the software development life-cycle to within the Development Team. Not only does this significantly reduce the number of security defects being pushed to your production systems, but also significantly reduces the total cost of development. Cheapest place to deal with defects There have been many studies specifically looking at the costs of finding and fixing defects early, as opposed to the planning of how to fix defects once the product is delivered, or not planning at all.

Building Security into Your Development Teams (workshop) $500 + GST per student

Full Day Interactive Workshop focussing on building security into your development team(s).

Workshop - Building Security Into Your Development Teams

Kim will explain the roles of ’T’ shaped professionals, including placement of security champions to create your purple Development Teams. We will work through how to implement the Sensible Security Model (SSM) within each and every Sprint, including: Creating actionable countermeasure Product Backlog Items Integrating them into the same Product Backlog that your Development Team has been pulling business focussed items from Ordering them based on the risk ratings you create for each Kim will discuss how and where Agile Development Teams often fail, along with how to succeed with security with a familiar anecdote.

Workshop - Web Developer Quiz Night

Workshop - Developing a high-performance security focussed Agile Team

Kim will then discuss and demo a set of light weight processes, practises and tools, that when combined have proven their value in: Aiding high throughput (reducing time to market) Significantly increasing quality (finding and removing bugs) Without de-scoping and all while reducing total project cost (fact). If this sounds like breaking the laws of physics, or too good to be true, then this workshop is for you.

Workshop - Windows Exploitation and Persistence with PowerShell

The common payload takes the user supplied shellcode and overwrites the first 0x1000 bytes of the calling instance of PowerShell, creates a thread to execute within the virtual address space of the calling PowerShell instance and starts it. All delivery and persistence techniques ensure AV bypass of shellcode. Kim has dissected and will explain how the virus and payload works. We will look at delivery mediums (virus): Compiled C executable Office document (take your pick) C/- Nishang Persistence mediums:

Workshop - Holistic Info-Sec for Web Developers - Intense

The content is aimed at software engineers to teach them how to think holistically about security. The theme that runs through the training, and the book, is pulling the security focus that’s usually left until the end of the project or “go live” right into each Sprint. Baking security into the product from the cheapest possible place. Thus saving large amounts of money due to re-work and business asset loss. Kim will be teaching attendees a very simple threat modelling process initially blue printed by one of the best security experts the world has known, Bruce Schneier, then how to apply that process to a 10,000′ view and lower for a collection of areas:

Workshop - Security Regression Testing with ZapAPI and NodeGoat

Kim Carter has developed a strong track record as a technology architect and information security professional over 15 years. He is a Chapter Leader of the Open Web Application Security Project (OWASP) NZ and a Certified Scrum Master. Kim enjoys facilitating and motivating cross-functional, self-managing teams. You’ll find the insights from Kim’s talk in his new book, Holistic Infosec for Web Developers. NodeConf gives you unparalleled access to top thought leaders like Kim Carter.