Login

Weekly DevSec Friday Webinars

A 600+ strong online community of developers and security professionals. Join us Friday’s at 12PM EST for exercises and discussions on the latest tools and DevSecOps practices.

Writing Secure JavaScript Applications

📅 Every Friday @ 12PM EST  | October 23 – Nov 6

JavaScript Injection Attacks

Injection attacks are very common in JavaScript due to how the language works. During this webinar we will go over the different versions of injection attacks and the different ways of mitigating them.

Cross-Site Scripting

XSS is one of the most common vulnerabilities in general but it is even more prominent in JavaScript based stacks due to the increased attack surface. Although, Angular and React are doing better in terms of mitigations there are still a few places that need attention if you are using these frameworks.

Prototype Pollution & Denial of Service

Prototype Pollution is the latest security pain the JavaScript ecosystem. Protoype pollution can sometimes lead to arbitrary code execution, sanitizer bypass and slew of other vulnerabilities. Additionally, we are going to tackle denial of service in JavaScript and how to mitigate it.

5/5
"The quality of his teaching is far beyond his vast knowledge in this area. His contagious enthusiasm and confidence motivates us to improve our commitment along the sessions. I highly recommend Mr. Koussa for a learning path onto security IT."
Carmen RuizIT Analyst
“I have been enjoying the sessions. They are value-packed. Sherif and the team are doing a great job of keeping everyone engaged and making these sessions super interactive."
Nancy GaricheSenior Cyber Security Analyst
"It’s equal parts education and entertaining. The extra-engagement-focused webinar set-up is working very well and makes it feel very communicative and collaborative, while the prepared backing material still provides ample information to take away each week."
Nicholas HebertDevOps Lead
Previous
Next

Building A DevSecOps Pipeline Using GitHub Actions

Integrating Static Analysis Security Testing

We'll discuss best practices, modern tools, and hear from experts who have had success building security into their development pipeline, and have a live Q&A period.

Integrating Dynamic Analysis Security Testing

We will be integrating checks for git secrets into the pipeline, dynamic application security testing (DAST) to the pipeline, hear from our guest StackHawk and wrap up with a live Q&A period.

Checking For 3rd Party Dependencies

We will be discussing the top dependency check tools for your pipeline, walk through exercises, integrating dependency checks within your IDE, and have a live Q&A period.

Adding Container Security Into Your Pipeline

We will be discussing the topics related to containers and container security. We will integrate a free container security tool and Integrate and demo Snyk for container security.

Watch recording
Watch recording
Watch recording
Watch recording

OWASP Webinar Series

injection

OWASP Top 10: Injection

Occurs when untrusted data is sent to an interpreter as part of a command or query which can execute unintended commands or access unauthorized data.

OWASP Top 10: Broken Authentication

A result of an inadequately developed login pages, authentication logic, backdoor, custom session management or authentication scheme.

sensitive data exposure

OWASP Top 10: Sensitive Data Exposure

Attackers steal keys, execute man-in-the-middle attacks, or steal clear text data off the server, while in transit, or from the user’s client.

Watch recording
Watch recording
Watch recording

Read to get started?

A light-weight code security tool built for developers to code securely, fix quickly, and deploy fast.

Sign up for free
Schedule a demo

Product

Company

QUESTIONS

Linkedin-in
Envelope
Github