20th edition
09:30 AM
Registration Starts
10:00 AM
Welcome Note
By: Harinee
10:15 AM
Securing against Data theft by vulnerable dependencies in your App
In this hands-on session, learn how a dependency added to your project can cause a security vulnerability and how to protect your application against it.
By: Jagdsh
Resources: Workshop Instructions • Presentation • Source Code
YouTube: Link
11:30 AM
Tea Break
11:45 AM
Security headers - Build them stronger !!
Learn what response headers are and how they can be leveraged to tighten up the security of our web apps against most of the security vulnerabilities.
By: Deepthi
Resources: Presentation
YouTube: Link
12:45 PM
Lunch
2:00 PM
Hack using Cross Site Scripting (XSS) and Broken authentication vulnerabilities
These vulnerabilities have been part of the OWASP Top 10 security risks since 2010. Let's learn, in a hands-on way, how to hack an application exposing these vulnerabilities and also how to protect our app against these attacks.
By: Agalya and Abinaya
Resources: Workshop Instructions • Presentation
03:00 PM
Automate security testing using ZAP API
Given that automation is inevitable in today's world, in this workshop, learn to automate security testing using the ZAP API (an open-source tool) in a hands-on mode. Also, learn to make it part of your CI/CD.
By: Anto and Thivya
Resources: Workshop Instructions • Presentation • Source Code
YouTube: Link
04:30 PM
High Tea and Networking
Abinaya, a Senior Quality Analyst at ThoughtWorks, has about 4.5 years of experience spanning different domains like e-procurement, banking, media and retail. With an interest in learning new technologies, trends and tools, she is also passionate about fixing defects in web applications.
Anto is a Senior Quality Analyst at ThoughtWorks with a deep passion for automation in agile environments. His primary responsibility is to implement the test strategy for the projects that ThoughtWorks is building for its clients. He has worked on a number of web applications over the past 5 years.
After graduating in Physics and an MBA in Systems, Harinee joined ThoughtWorks 9 years ago as a QA. Application security has been her passion since then, and striving for the best quality in delivery has become an obsession for her. Today, she plays the role of Security Practice Lead at ThoughtWorks India, and incorporating security practices in every delivery is a major part of her job.
Agalya is a Senior Quality Analyst at ThoughtWorks with 10+ years of experience in the software testing field. She is passionate about shipping a quality product and specialises in automated testing. Her current efforts focus on DevOps and security testing.
Deepthi is a polyglot programmer and security enthusiast, with 6+ years of experience at ThoughtWorks. Having cleared CISA recently, she finds the need to proactively embrace the unpredictable and ever-changing VUCA world through secure and resilient coding practices.
JagdshLK is an Application Developer @TW with 5 years of experience in software. He is a full-stack developer currently working on a .NET platform. He is very passionate about learning new threat modeling, implementations, and also bringing awareness of the same to a larger community.
vodQA, also called Value Oriented Discussion on Quality Analysis, is a forum that sports the motto 'Come Learn Something New'. The forum offers a unique platform within the software testing industry to strengthen the QA community through knowledge sharing.
We love feedback! If you have any suggestions or cribs, feel free to fill out our feedback form. Don't worry, it's completely anonymous.
vodQA Volunteers