Frank Kim
Author of Secure Coding in Java/JEE
Frank Kim is a security leader with over 17 years of experience in information security, risk management, and enterprise IT. He has a passion for developing security strategies and building teams focused on practical solutions to business risks. He currently serves as the curriculum lead for application security at the SANS Institute and is the author and an instructor for the Secure Coding in Java course. Frank is a popular public speaker and has presented at security, software development, and leadership events around the world and was twice named a JavaOne Rock Star.Presentations
REST Security by Example
1:30 PM MDT
Do you use REST from your mobile and HTML5 apps to communicate with backend services? Are you doing so securely?
Find out how to use simple authentication, access control, and encryption techniques to
protect your RESTful services. You will also learn how vulnerabilities like Cross-Site Request Forgery (CSRF) can be used by attackers to hack your services.
Using live demos, developers and architects will learn how to secure critical REST services and proactively prevent attacks from occurring to stop hackers from exploiting their applications.
Web Application Security By Example
3:15 PM MDT
Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. We won't simply talk about issues like XSS, CSRF and SQL Injection, but will have live demos showing how hackers exploit these potentially devastating defects using freely available tools. You'll see how to hack a real world open source application and explore bugs in commonly used open source frameworks. We also look at the source code and see how to fix these issues using secure coding principles. We will also discuss best practices that can be used to build security into your SDLC.
Java developers and architects will learn how to find and fix security issues in their applications before hackers do.