Adding pentests to your Django project's test suite
Sunday 12:00-14:00 UTC+2 in Sprint Venue Workshop Room
When resources are limited, one way to get your apps pentested, and pentested often, is to add pentesting to your existing test suite. Let us teach you how!
In this workshop we’ll start you out with a deliberately insecure Django app which has a basic BDD test suite built with Behave and Selenium.
We’ll hold your hand as you go through the process of adding pentests to the test suite using OWASP’s ZAP vulnerability scanner, and fixing the vulnerabilities which ZAP finds.
By the end of the workshop, you’ll know enough to incorporate automated pentesting into the tests of the apps you work on.
No security knowledge is needed or assumed for this workshop. You’ll just need some very basic Django and Git skills, and a computer which can connect to Wi-Fi and can have ZAP installed on it. People just starting out with Django are very welcome!
Break-out sessions are expected to last around 60 minutes. They will have limited seats and will have a sign-up option provided on the ticketholder website, once the schedule is known.