20th edition

Sep 8 2018

Security Testing Workshop

Hack. Secure. Repeat.

09:30 AM

Registration Starts

10:00 AM

Welcome Note

By: Harinee

10:15 AM

Securing against Data theft by vulnerable dependencies in your App

In this hands-on session, learn how a dependency added to your project can cause a security vulnerability and how to protect your application against it.

By: Jagdsh

Resources: Workshop Instructions, Presentation, Source Code

YouTube: Link

11:30 AM

Tea Break

11:45 AM

Security headers - Build them stronger !!

Learn what response headers are and how they can be leveraged to tighten up the security of our web apps against most of the security vulnerabilities.

By: Deepthi

Resources: Presentation

YouTube: Link

12:45 PM

Lunch

2:00 PM

Hack using Cross Site Scripting (XSS) and Broken authentication vulnerabilities

These vulnerabilities have been part of the OWASP Top 10 security risks since 2010. Let's learn, in a hands-on way, how to hack an application exposing these vulnerabilities and also how to protect our app against these attacks.

By: Agalya and Abinaya

Resources: Workshop Instructions, Presentation

03:00 PM

Automate security testing using ZAP API

Given that automation is inevitable in today's world, in this workshop, learn to automate security testing using the ZAP API (an open-source tool) in a hands-on mode. Also, learn to make it part of your CI/CD.

By: Anto and Thivya

Resources: Workshop Instructions, Presentation, Source Code

YouTube: Link

04:30 PM

High Tea and Networking

Speakers

Abinaya
Senior Consultant, ThoughtWorks

Abinaya, a Senior Quality Analyst at ThoughtWorks, has about 4.5 years of experience spanning different domains like e-procurement, banking, media and retail. With an interest in learning new technologies, trends and tools, she is also passionate about fixing defects in web applications.

Anto
Senior Consultant, ThoughtWorks

Anto is a Senior Quality Analyst at ThoughtWorks with a deep passion for automation in agile environments. His primary responsibility is to implement the test strategy for the projects that ThoughtWorks is building for their clients. He has worked on a number of web applications for the past 5 years.

Harinee Muralinath
Security Practice Lead, ThoughtWorks

After graduating in Physics and completing an MBA in Systems, Harinee joined ThoughtWorks 9 years back as a QA. Application security has been her passion since then, and striving for the best quality in delivery has become an obsession for her. Today, she plays the role of Security Practice Lead at ThoughtWorks India, and incorporating security practices in every delivery is a major part of her job.

Agalya
Senior Consultant, ThoughtWorks

Agalya is a Senior Quality Analyst at ThoughtWorks with 10+ years of experience in the software testing field. She is passionate about shipping a quality product and specialises in automated testing. Her current efforts focus on DevOps and security testing.

Deepthi
Senior Consultant, ThoughtWorks

Deepthi is a polyglot programmer and security enthusiast, with 6+ years of experience at ThoughtWorks. Having cleared CISA recently, she finds the need to proactively embrace the unpredictable and ever-changing VUCA world through secure and resilient coding practices.

Jagdsh LK Chand
Senior Consultant, ThoughtWorks

JagdshLK is an Application Developer @TW with 5 years of experience in software. He is a full-stack developer currently working on a .Net platform. He is passionate about learning new threat modeling and implementations, and about bringing awareness of the same to a larger community.

vodQA, also called Value Oriented Discussion on Quality Analysis, is a forum that sports the motto 'Come Learn Something New'. The forum offers a unique platform within the software testing industry to strengthen the QA community through knowledge sharing.

We love feedback! If you have any suggestions or cribs, feel free to fill out our feedback form. Don't worry, it's completely anonymous.
