
Java Web Security By Example

  • Tuesday, February 19, 2013 at 4:00 PM EST (2013-02-19 21:00:00 UTC)
  • Andy Chou, Frank Kim


  • Coverity, Inc.


Learn how to exploit security vulnerabilities that are commonly found in the arsenal of malicious attackers. We won't simply talk about issues like XSS, CSRF and SQL Injection, but will have live demos showing how hackers exploit these potentially devastating defects using freely available tools. You'll see how to hack a real-world open source application and explore bugs in commonly used open source frameworks. We also look at the source code and see how to fix these issues using secure coding principles. We will also discuss best practices that can be used to build security into your SDLC. Java developers and architects will learn how to find and fix security issues in their applications before hackers do.

Speaker Bios

Frank Kim

As CISO at the SANS Institute, Frank leads the security risk function for the most trusted source of computer security training, certification, and research in the world. He also helps shape, develop, and support the next generation of security leaders through teaching, developing courseware, and leading the management and software security curricula.

Prior to the SANS Institute, Frank was Executive Director of Cyber Security at Kaiser Permanente with accountability for delivering innovative security solutions to meet the unique needs of the nation's largest not-for-profit health plan and integrated health care provider with annual revenue of $55 billion, 9.5 million members, and 175,000 employees. In recognition of his work, Frank was a two-time recipient of the CIO Achievement Award for business enabling thought leadership.

Frank holds degrees from the University of California at Berkeley and is a SANS certified instructor as well as the author of popular courseware on strategic planning, leadership, and application security.

Follow Frank on Twitter @sansappsec

Andy Chou

Andy co-founded Coverity in 2003 and developed key innovations in its industry-leading static analysis technology. Today, Andy is responsible for technology innovation, research, selected partnerships, and thought leadership. Prior to co-founding Coverity, Andy was instrumental in developing the core intellectual property behind the Coverity platform while earning his PhD in Computer Science from Stanford University. He also has a B.S. in Electrical Engineering and Computer Science from the University of California, Berkeley.
