Cyber Skills Level-Up! 2025 Southern Edition
I ran a web security workshop at CSLU'25 @ UTM
Over the weekend, I was given the opportunity to run a web security workshop at UTM as part of the CSLU’25 Southern Edition program. FYI, Cyber Skills Level-Up! is an initiative by RE:HACK to develop cybersecurity talent among students in Malaysia.
You can find the workshop material over here.
This was my first time giving a workshop in front of a live crowd, and ngl I was a bit intimidated. Partly because the students were from UTM, which historically is well-known for producing some of the brightest STEM students in the country 😣.
For the workshop, I had a few goals in mind:
- Teach students how unintended mistakes that we make as developers can lead to high impact vulnerabilities.
- Teach students how to patch the vulnerabilities they identify.
I included #2 because I feel like there’s a huge emphasis on exploitation in CTFs (makes sense, it’s a lot more fun to break stuff than it is to fix them 😜), but IRL, developers are responsible for fixing those vulnerabilities.
Now, developers are very busy people. They’re trying to ship features and meet deadlines, so the last thing that they need is to get buried with security issues that they don’t fully understand. And if you don’t understand why something is vulnerable, how are you going to fix them?
That’s why I think it’s important that security people know how to fix the bugs that they find, at the very least some basic mitigation steps that can steer people in the right direction, and know how to communicate these findings clearly.
These were what I wanted to deliver in my workshop, hopefully the idea got across to the students. :)
Credits
Huge thanks to RE:HACK, and the amazing people here that helped make this happen. 🙇♂️