Weekly DevSec Friday Webinars

Join us Friday’s at 12PM EST on various software development security practices. 

Writing Secure JavaScript Applications

Every Friday 12PM EST October 23rd-Nov 6th

Oct 23rd @ 12PM EST

Injection attacks are very common in JavaScript due to how the language works. During this webinar we will go over the different versions of injection attacks and the different ways of mitigating them.

Oct 30th @ 12PM EST

XSS is one of the most common vulnerabilities in general but it is even more prominent in JavaScript based stacks due to the increased attack surface. Although, Angular and React are doing better in terms of mitigations there are still a few places that need attention if you are using these frameworks.

Nov 6th @ 12PM EST

Prototype Pollution is the latest security pain the JavaScript ecosystem. Protoype pollution can sometimes lead to arbitrary code execution, sanitizer bypass and slew of other vulnerabilities. Additionally, we are going to tackle denial of service in JavaScript and how to mitigate it.​

Building A DevSecOps Pipeline Using GitHub Actions

Every Friday 12PM EST July 10th – 24th

July 10th @ 12PM EST

We'll discuss best practices, modern tools, and hear from experts who have had success building security into their development pipeline, and have a live Q&A period.

July 17th @ 12PM EST

We will be integrating checks for git secrets into the pipeline, dynamic application security testing (DAST) to the pipeline, hear from our guest StackHawk and wrap up with a live Q&A period.

July 24th @ 12PM EST

We will be discussing the top dependency check tools for your pipeline, walk through hands on exerises, integrating dependency checks within your IDE, and have a live Q&A period.

OWASP webinar series

Completed April-June 2020

injection

OWASP Top 10: Injection

Occurs when untrusted data is sent to an interpreter as part of a command or query which can execute unintended commands or access unauthorized data.

OWASP Top 10: Broken Authentication

A result of an inadequately developed login pages, authentication logic, backdoor, custom session management or authentication scheme.

sensitive data exposure

OWASP Top 10: Sensitive Data Exposure

Attackers steal keys, execute man-in-the-middle attacks, or steal clear text data off the server, while in transit, or from the user’s client.

Read to get started?

A light-weight code security tool built for developers to code securely, fix quickly, and deploy fast.