Sunday, April 4, 2010
April 6th, 2010 - Web Security Workshop - James Walden
We'll discuss common web application security vulnerabilities, like cross-site and injection bugs, and how to avoid introducing them in your code by addressing security from the beginning of your development process. We'll use a variant of planning poker called protection poker to assess the security risks presented by each user story. Protection poker is played during each iteration planning meeting to give developers an idea of where they need to focus security effort in development. We'll play protection poker on planningpoker.com using the freely downloadable Badstore application for our exercise.