BSidesSF 2020

Event locked in Sched to limit confusion, see registration to determine current session availability.
Event held offsite, location to be announced (NOT METREON!)
Registration at https://bsidessf.regfox.com/2020 REQUIRED (cannot be reserved with Sched)

This course is designed for anyone who has little to no knowledge about web application security, but wants to either (a) learn more about it; or (b) start developing the skillsets needed to be effective in testing web applications for security vulnerabilities.

This course will start from absolute zero, and aim to provide all the definitions, tooling, and guidance you will need to get started with web application security testing. Students of this course will leave the session with a comfortable understanding of some common web application vulnerability classes, how to identify them, what risks they pose, and how they could be exploited in the wild.

Nothing more than a functioning laptop is needed for this course. If you happen to be able to install a VM, that may prove to be helpful, but again the stated and explicit goal of this course is to leave no one behind, and to give everyone an opportunity to start learning an invaluable skillset that can be immensely helpful in advancing one's career, or just general understanding of how webapp vulns look and function. If you've ever been interested in web application security, this class is an excellent opportunity to start.

Do be aware that this is a fairly long class, and to get the most out of it, we strongly recommend staying engaged through the entirety of it. Also, be sure to ask questions - the goal is to make sure that you're enabled, not confused.

NOTE: as such, this class is not intended for advanced or intermediate web application security practitioners, as persons with those skillsets will likely find this class to be very basic in the level of depth and concepts covered.