Micah is Snyk's Director of DevSecOps Acceleration. With 27 years of Java Experience (yup, that's from the beginning) and 21 years as a security professional Micah's authored numerous articles, co-authored a Java EE book, and spoken at many conferences. He's a maker, who's built full-size MAME arcade cabinets and repaired old electronic games (http://afitnerd.com/2011/10/16/weekend-project-fix-dark-tower/). He brings his love of all things security and Java to a conference near you!
The Small fix is a web game where you win prizes for fixing security vulnerabilities in open source projects and compete to be “the top fixer”.
Learn how to solve Capture the Flag (CTF) challenges, including pwn and web.
After the workshop, you'll have solved your first CTF challenge and built new security skills.
The Log4j security vulnerability better known as Log4Shell was the most severe security issue in years. In this minilab, we will explore and rebuild the exploit in an old and new versions of Java. After this lab, you have a better understanding of this security vulnerability. More importantly, you know why and how to fix similar problems in your application.
The Small fix is a web game where you win prizes for fixing security vulnerabilities in open source projects and compete to be “the top fixer”.
In Vuln smack down, we’ll start with a multi-user chat app and see what vulnerabilities lurk that we can exploit together. We’ll then move on to some fun container exploits. Throughout, I’ll demonstrate how we can find and fix these vulnerabilities.