Jaap Karan Singh is Co-Founder and Chief Singh at Secure Code Warrior. Jaap focused on building the platform using latest web technologies during the early phase of the business. He is now a Customer Success Manager working with many of Secure Code Warrior’s Tier 1 customers rolling out gamified security awareness and training program for developers.
Prior to Secure Code Warrior, Jaap was a Security Consultant at BAE Systems hacking web and mobile applications as well as building secure code training for large telecommunications and banking customers. He has previously also delivered courses on protecting modern web applications at OWASP Appsec Europe, OWASP New Zealand and DevSecCon Singapore.
Everything in this world runs on software. From our banks, governments, cars and even our houses are powered by software. 111 billion lines of code is written by developers every single year. How many of those software “engineers” have been told about the dangers in their job? Developers learn about security by making mistakes and “on the job”. According to the Department of Homeland Security, 90% of security breaches result from a flaw in software design or code. We’ll look at the current state of software development and how organisations providing software that we use every day are fighting attackers and combating vulnerabilities.
We’ll briefly talk about the history of gamification, how it has been used and evolved during the years and how it can now be used as a real tool within organisations to motivate and engage employees. I will also show you how Secure Code Warrior has been helping organisations reduce security bugs and find security champions in their development teams.
Hands-On Interactive Session Have you ever wondered how easy it is to hack a bank or shopping app? Put your hacker hat on and follow along in this interactive session to hack the most common and dangerous vulnerabilities: SQL injection, cross-site scripting (XSS), command execution. Bring your laptop along to participate in this hands-on interactive session and exploit security bugs that resulted in data breaches at Twitter, Facebook, Equifax etc.
Hands-on Hackathon; Technical Participate in a hands-on, gamified environment where you compete against each other to become the ultimate ‘Secure Code Warrior.’ Participants can first select from various software languages to compete in a tournament, including Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Node.Js and more. Challenges will be based on the OWASP Top 10 Web App vulnerabilities. Participants will work on code snippets; trying to locate, identify and fix vulnerabilities within each code snippet. The difficulty will range from easy to hard, but hints and learning components are available during the tournament If you do not wish to participate in the tournament but are keen on learning more secure coding techniques, you are welcome to come along and complete challenges at your leisure on our training platform.