Loading…
REGISTRATION IS NOW 
Conference Venue: RAI Amsterdam, Europaplein 24, 1078 GZ Amsterdam, The Netherlands

Book Hotel click HERE
Monday, September 23 • 9:00am - Wednesday, September 25 • 5:00pm
Seth & Ken’s Excellent Adventures in Secure Code Review

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Have you ever been tasked with reviewing 3.2 million lines of code manually for SQL Injection, XSS, and Access Control flaws? Have you been asked to review a new framework on short notice? Does the idea of reviewing Ruby, Go, or Node code leave you with heartburn? This course addresses all of these common challenges in modern code review. We have concentrated on taking our past adventures in code review, the lessons we’ve learned along the way, and made them applicable for others who perform code reviews. We will share our methodology to perform analysis of any source code and suss out security flaws, no matter the size of the code base, or the framework, or the language. You as a student will learn the methodology, techniques, approach, and tools used by Seth Law and Ken Johnson to understand code flows, trace user input, identify vulnerabilities, and effectively secure an application codebase.
Upon completion, attendees will know:
Students will take away knowledge and experience in approaching numerous code languages and frameworks to complete a security source code review. In addition, the learned methodology can be customized by the attendee to fit into any organization’s security SDLC. Finally, the attendee will have the tools to review source code for any web, mobile, or modern application, whether or not the targeted language is specifically covered during the course.

Speakers
avatar for Seth Law

Seth Law

President and Principal Security Consultant, Redpoint Security
Seth Law is the President and Principal Security Consultant of Redpoint Security (rdpt.io). During the last 15 years as a security professional, Seth has worked within multiple disciplines, from software development to network protection, as a manager and individual contributor. Seth... Read More →
avatar for Ken Johnson

Ken Johnson

AppSec Person, GitHub
Ken Johnson, has been hacking web applications professionally for 11 years. Ken is both a breaker and builder and currently works on the GitHub application security team. Previously, Ken has spoken at RSA, You Sh0t the Sheriff, Insomnihack, CERN, DerbyCon, AppSec USA, AppSec DC, AppSec... Read More →


Monday September 23, 2019 9:00am - Wednesday September 25, 2019 5:00pm
D301