AppSecUSA 2015

As security consultants, developers, managers, and architects we are faced with not only delivering customer value but delivering customer value responsibly. Often times after a plethora of decisions have been made.

In this hands on workshop, a reference microservices application hosting environment will be instantiated including some sample services and applications. We will decompose the reference environment to examine how it leverages (or fails to leverage) some of security capabilities from AWS. Then we will decompose the applications themselves. During this bottom up and top down inspection we will identify common mistakes and point out opportunities to prevent and accidentally inject vulnerabilities.

This workshop will help security consultants, architects, and developers develop operational and design time checklists for their organizations or customers.   

Bring your laptop and AWS account since Cloud Formation templates will be provided so you can follow along.