Training Course/Introduction to the OWASP O2 Platform

From

Contents 1 Course Details 1.1 Introduction to the OWASP O2 Platform 1.2 Course Curriculum 2 Trainner 3 Dates, Location and Cost 4 Registration 5 Related Course

(note: this is commercial (i.e. paid for) training event, and is NOT delivered or connected with the OWASP Foundation)

Course Details

Introduction to the OWASP O2 Platform

This course is designed for security consultants or developers who wish to understand how the OWASP O2 Platform works, and specifically how to quickly write C# scripts using O2's powerful development environment (O2 also supports scripting in Java or Python)

The O2 platform represents a new paradigm for how to perform, document and distribute Web Application security reviews, and one of O2's key concept is that it is designed to 'Automate Security Consultants Knowledge and Workflows' and Allow non-security experts to access and consume Security Knowledge'.

The course contains a number of hands-on labs that use O2 Scripts to explain how O2 works (i.e. using O2 on O2). This not only shows the powerful scripting and automation capabilities of O2, but also creates an easy to study environment, so that the student can 'at his/hers own pace' replicate the presented case-studies.

Course Curriculum

• O2 Guided tour
• Using O2 for BlackBox Penetration Testing
• Using O2 for WhiteBox Source Code Reviews
• Connecting the source-code traces with the web exploits to create a unified view of the vulnerabilties
• O2 support for ASP.NET Applications (including O2's AST .NET Scanner) and frameworks (Sharepoint, ASP.NET MVC)
• O2 support for J2EE Applicatons and Frameworks (Struts, Spring Framework)
• Using O2 to consume and instrument Open Source and 3rd Party security tools
• Understanding O2 File Formats/Standards & the tools that exist to manipulate them
• Understanding the currently support edWeb APIs and learn how to extend them (MediaWiki, Twitter, Blogger, WordPress, GMail, EventBrite, etc...)
• Guided tour of the multiple O2 Scripting environments, with multilple examples of how to use these development environments to write new APIs (or extend existing ones).
• Automate O2 scripts by creating custom GUIs or invoking O2 from the Command line
• Create 'Vulnerability-driven Unit Tests' to be delivered to Developers, QA/Testers and Managers

Trainner

The course is delivered by Dinis Cruz who the lead developer of the OWASP O2 Platform and has created and delivered a number of .NET Security training courses

Dates, Location and Cost

• Date(s): Jun 17th (Thu) and Jun 25th (Thu)
• Location: Central London (close to Victoria Station)
• Cost: £200.00

Registration

To register for the course use this ONLINE FORM

Related Course

• Black-Box & White-Box ASP.NET Security Reviews using the OWASP O2 Platform