BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//talks.toorcon.net//toorcon21//talk//JXT88P
BEGIN:VTIMEZONE
TZID:PST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:PST
TZOFFSETFROM:-0700
TZOFFSETTO:-0800
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:PDT
TZOFFSETFROM:-0800
TZOFFSETTO:-0700
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-toorcon21-JXT88P@talks.toorcon.net
DTSTART;TZID=PST:20191108T113000
DTEND;TZID=PST:20191108T115500
DESCRIPTION:Developers often do not know what the common issues are with th
 e framework they are using. At the same time\, most common frameworks ship
  with easy ways to shoot your applications security in the foot. In this
  world we live in\, developer education will fail if even one mistake is m
 ade\, which will expose a dangerous vulnerability. In this talk\, we'll s
 how how you can dramatically reduce the chance developers will shoot thems
 elves in the foot by giving them safer versions of their common tools so y
 our company can ship more secure code.\n	We will write wrapper classes and
  safe versions of common tools to eliminate XSS vectors\, open redirects\,
  XXE\, SSRF\, LFI\, and other dangerous bugs in your codebase. After that 
 well show simple steps to educate developers and gain traction in your o
 rganization. Then well show how easy it is to integrate SAST tools in yo
 ur CI/CD pipeline to ensure your developers use your safe tools rather tha
 n the footguns built into common frameworks.\n	This session is ideal for s
 ecurity engineers interested in eliminating entire classes of security bug
 s inside their code base.
DTSTAMP:20260314T222533Z
LOCATION:Blue Day
SUMMARY:Dont run with scissors: how to standardize the way your developer
 s use dangerous aspects of your framework - Morgan Roman
URL:https://talks.toorcon.net/toorcon21/talk/JXT88P/
END:VEVENT
END:VCALENDAR
