BSidesSF 2020 has ended
Back To Schedule
Saturday, February 22 • 12:45pm - 6:00pm
A hands-on, beginner's introduction to web application security

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.

Event locked in Sched to limit confusion, see registration to determine current session availability.
Event held offsite, location to be announced (NOT METREON!)
Registration at https://bsidessf.regfox.com/2020 REQUIRED (cannot be reserved with Sched)

This course is designed for anyone who has little to no knowledge about web application security, but wants to either (a) learn more about it; or (b) start developing the skillsets needed to be effective in testing web applications for security vulnerabilities.

This course will start from absolute zero, and aim to provide all the definitions, tooling, and guidance you will need to get started with web application security testing. Students of this course will leave the session with a comfortable understanding of some common web application vulnerability classes, how to identify them, what risks they pose, and how they could be exploited in the wild.

Nothing more than a functioning laptop is needed for this course. If you happen to be able to install a VM, that may prove to be helpful, but again the stated and explicit goal of this course is to leave no one behind, and to give everyone an opportunity to start learning an invaluable skillset that can be immensely helpful in advancing one's career, or just general understanding of how webapp vulns look and function. If you've ever been interested in web application security, this class is an excellent opportunity to start.

Do be aware that this is a fairly long class, and to get the most out of it, we strongly recommend staying engaged through the entirety of it. Also, be sure to ask questions - the goal is to make sure that you're enabled, not confused.

NOTE: as such, this class is not intended for advanced or intermediate web application security practitioners, as persons with those skillsets will likely find this class to be very basic in the level of depth and concepts covered.

avatar for Grant McCracken

Grant McCracken

Solutions Architect, Bugcrowd
Grant is currently the Director of Program Operations and Solutions at Bugcrowd, and has been in the application security space for the last eight years, and the bug bounties for the last five. He's gotten his OSCP, given talks at Appsec USA and EU, and enjoys helping others get into... Read More →

Kevin Hemmingsen

Kevin Hemmingsen is the Manager of Solutions Architecture at Bugcrowd, and has helped launch and oversee the management of hundreds of bug bounty programs.

avatar for HashiCorp



Saturday February 22, 2020 12:45pm - 6:00pm PST
Vagrant HashiCorp SF Office 101 2nd St #700, San Francisco, CA 94105

Attendees (1)