Resources

Links

The SANS Software Security Community provides a variety of resources. Interact with your fellow professionals and appsec experts on the SANS AppSec Blog or discover solutions to appsec related issues with a multitude of webcasts.

Whitepapers

Testing Web Apps with Dynamic Scanning in Development and Operations
By Barbara Filkins on Jun 15, 2017

Security by Design: The Role of Vulnerability Scanning in Web App Security
By Barbara Filkins on Jun 7, 2017

Using Cloud Deployment to Jump-Start Application Security
By Adam Shostack on May 24, 2017

How To Guide

The SANS Developer How To Guide provides developers with simple code examples that quickly show how to prevent common security vulnerabilities.

Blog Posts

2017 Application Security Survey is Live!
Jun 19, 2017

Taking Control of Your Application Security
Apr 18, 2017

DOM-based XSS in the Wild
Mar 16, 2017

Webcasts

NoSQL Doesn�t Make you NoVulnerable
By Johannes Ullrich on Apr 21, 2017

Mobile App Security Trends and Techniques
By Gregory Leonard on Apr 7, 2017

Struts-Shock: Current Attacks against Struts2 and How to Defend Against Them
By Johannes Ullrich and Jonathan Mandell on Apr 6, 2017

Videos

Non-repudiation
By Jason Lam and Dr. Johannes Ullrich

AJAX and Web 2.0 Security
By Jason Lam and Dr. Johannes Ullrich

The Value of Code Scanning
By Dinis Cruz

"The course used real code with simple scenarios illustrating a full attack scenario and how to fix the vulnerabilities."
- Jeffrey Bell, Lockheed Martin

"Gives tangible ideas to put into practice to make your code and infrastructure more secure."
- Keith G. Tullius, II, Escambia County Sheriff's Office

"When I get back to the office, I will use the knowledge I gained here for code review and design."
- James Guarnotta, Kinecta Federal Credit Union