Hands-on lab: WebGoat – Teaching application security 101

by | Feb 16, 2020 | Voxxed Days Bucharest 2020

Nanne Baars is a security software developer with a focus on Java development and one of the project leads for the OWASP WebGoat project.

A good defense against insecure code requires understanding the mechanics behind how attackers exploit simple programming mistakes. The WebGoat team will walk through exercises like SQL Injection, XSS, XXE, CSRF … and demonstrate how these exploits work.  

We will show you how you can use WebGoat to train your developers to avoid these simple but common programming mistakes.   We also show you how to extend WebGoat to create lessons specific to your environment. Join us to learn the most basic, but common, application security problems. Tired of all the lessons? During the training we will host a small CTF competition which you can take a shot at and compete with each other…