WebApp Sec mailing list archives
RE: Training for web developers?
From: "von Dadelszen, Nicholas (NZ - Wellington)" <nvondadelszen () deloitte co nz>
Date: Wed, 12 Nov 2003 14:26:01 +1300
Mark, We run a half-day Secure Web Programming course in New Zealand for our clients. The aim is to try and get developers to think a bit more like a hacker and look for security holes. It is hands-on with each participant attempting to hack into a sample application. We generally follow the standard OWASP principles and talk about why each issue occurs. Half-day isn't long but it does give the developers some insight and starts to break down standard developer mentality, which is "if it works, its finished". Nick von Dadelszen Manager, Security Services Group Enterprise Risk Services Deloitte Touche Tohmatsu __________________________________________________ E-mail: nvondadelszen () deloitte co nz Deloitte Touche Tohmatsu Phone: +64 4 470 3587 61 Molesworth St - PO Box 1990 Fax: +64 4 472 8023 Wellington, New Zealand __________________________________________________ -----Original Message----- From: Mark G. Spencer [mailto:mspencer () evidentdata com] Sent: Monday, 10 November 2003 1:10 p.m. To: webappsec () securityfocus com Subject: Training for web developers? I'm looking for recommendations on training and/or brainwashing for web developers. Something to indoctrinate the "web guys" in safe coding practices, with a focus on web stuff. Thanks! Mark G. Spencer Computer Forensics Examiner EvidentData, Inc. Web: http://www.evidentdata.com ************************************************************ CAUTION: This e-mail and any attachment(s) contains information that is both confidential and possibly legally privileged. No reader may make any use of its content unless that use is approved by Deloitte separately in writing. Any opinion, advice or information contained in this e-mail and any attachment(s) is to be treated as interim and provisional only and for the strictly limited purpose of the recipient as communicated to us. Neither the recipient nor any other person should act upon it without our separate written authorisation of reliance. If you have received this message in error please notify us immediately and destroy this message. Thank you. Deloitte Touche Tohmatsu Internet: www.deloitte.co.nz ************************************************************
Current thread:
- Training for web developers? Mark G. Spencer (Nov 11)
- Re: Training for web developers? Jeff Williams @ Aspect (Nov 13)
- <Possible follow-ups>
- RE: Training for web developers? von Dadelszen, Nicholas (NZ - Wellington) (Nov 11)
- RE: Training for web developers? Arian J. Evans (Nov 13)
- RE: Training for web developers? Larry Smith (Nov 13)
- RE: Training for web developers? Scovetta, Michael V (Nov 13)