Application. Security. on line training. Academy. by Appsec Labs

Similar documents
Certified Secure Web Application Engineer

CSWAE Certified Secure Web Application Engineer

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

"Charting the Course to Your Success!" Securing.Net Web Applications Lifecycle Course Summary

TRAINING CURRICULUM 2017 Q2

Development*Process*for*Secure* So2ware

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Web Application Security. Philippe Bogaerts

Security Communications and Awareness

OWASP Top David Caissy OWASP Los Angeles Chapter July 2017

Application Security Approach

GOING WHERE NO WAFS HAVE GONE BEFORE

SECURITY TRAINING SECURITY TRAINING

Web Application Penetration Testing

Continuously Discover and Eliminate Security Risk in Production Apps

Instructor-led Training Course Catalog

Security Communications and Awareness

Improving Security in the Application Development Life-cycle

OWASP Top 10 The Ten Most Critical Web Application Security Risks

6-Points Strategy to Get Your Application in Security Shape

C1: Define Security Requirements

SECURITY TESTING. Towards a safer web world

Andrew Muller, Canberra Managing Director, Ionize, Canberra The challenges of Security Testing. Security Testing. Taming the Wild West

Your Turn to Hack the OWASP Top 10!

Web Applications Penetration Testing

OWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP

Advisory: Students should have already taken MICROCOMPUTER APPLICATIONS II - 431

Training Program Catalog SECURITY INNOVATION

PEACHTECH PEACH API SECURITY AUTOMATING API SECURITY TESTING. Peach.tech

Web Application Threats and Remediation. Terry Labach, IST Security Team

Table of Contents Computer Based Training - Security Awareness - General Staff AWA 007 AWA 008 AWA 009 AWA 010 AWA 012 AWA 013 AWA 014 AWA 015

Using Open Tools to Convert Threat Intelligence into Practical Defenses A Practical Approach

Mobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing

CLOUD COMPUTING SECURITY THE SOFT SPOT Security by Application Development Quality Assurance

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

F5 Big-IP Application Security Manager v11

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

V Conference on Application Security and Modern Technologies

Sichere Software vom Java-Entwickler

Securing Your Web Application against security vulnerabilities. Alvin Wong, Brand Manager IBM Rational Software

BEST PRACTICES FOR SELECTING A WEB APPLICATION SCANNING (WAS) SOLUTION

Web Application Vulnerabilities: OWASP Top 10 Revisited

Simplifying Application Security and Compliance with the OWASP Top 10

Exploiting and Defending: Common Web Application Vulnerabilities

SOLUTION BRIEF CA API MANAGEMENT. Enable and Protect Your Web Applications From OWASP Top Ten With CA API Management

Applications Security

E-guide Getting your CISSP Certification

OWASP Romania Chapter

OWASP Thailand. Proxy Caches and Web Application Security. OWASP AppSec Asia October 21, Using the Recent Google Docs 0-Day as an Example

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

COMP9321 Web Application Engineering

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11

Ethical Hacking as a Professional Penetration Testing Technique ISSA Southern Tier & Rochester Chapters

Application Security Training Program

Ingram Micro Cyber Security Portfolio

Cybersecurity Education Catalog

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

Managed Application Security trends and best practices in application security

OWASP Review. Amherst Security Group June 14, 2017 Robert Hurlbut.

Certified Ethical Hacker V9

TIBCO Cloud Integration Security Overview

Security Awareness, Training and Education Catalog

Seth & Ken s Excellent Adventures in Secure Code Review. Training Course 17th & 18th of October. Table of Contents

OWASP TOP OWASP TOP

DXC Security Training

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

COMP9321 Web Application Engineering

Descriptions for CIS Classes (Fall 2017)

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

(CNS-301) Citrix NetScaler 11 Advance Implementation

OWASP ASVS for NFTaaS in Financial Services OLEKSANDR KAZYMYROV, TECHNICAL TEST ANALYST

DEFENSIVE PROGRAMMING. Lecture for EDA 263 Magnus Almgren Department of Computer Science and Engineering Chalmers University of Technology

Kishin Fatnani. Founder & Director K-Secure. Workshop : Application Security: Latest Trends by Cert-In, 30 th Jan, 2009

Application Security through a Hacker s Eyes James Walden Northern Kentucky University

IT Technician Pathways Course Guide

Course 831 EC-Council Certified Ethical Hacker v10 (CEH)

Presentation Overview

OWASP TOP Release. Andy Willingham June 12, 2018 OWASP Cincinnati

RiskSense Attack Surface Validation for Web Applications

Application Layer Security

Application Security. Doug Ashbaugh CISSP, CISA, CSSLP. Solving the Software Quality Puzzle

Cyber Security School

Course 831 Certified Ethical Hacker v9

Solutions Business Manager Web Application Security Assessment

Secure Development Guide

.NET Secure Coding for Client-Server Applications 4-Day hands on Course. Course Syllabus

Notes From The field

McAfee Web Gateway Administration

McAfee Web Gateway Administration Intel Security Education Services Administration Course Training

COURSE 20486B: DEVELOPING ASP.NET MVC 4 WEB APPLICATIONS

Andrew van der Stock OWASP Foundation

DIS10.1 Ethical Hacking and Countermeasures

Aguascalientes Local Chapter. Kickoff

Application Security Introduction. Tara Gu IBM Product Security Incident Response Team

OPEN WEB APPLICATION SECURITY PROJECT OWASP TOP 10 VULNERABILITIES

Mitigating Security Breaches in Retail Applications WHITE PAPER

.NET JAVA C ASE. Certified. Certified. Application Security Engineer.

Secure Application Development. OWASP September 28, The OWASP Foundation

Transcription:

Application Security on line training Academy by Appsec Labs

APPSEC LABS ACADEMY APPLICATION SECURITY & SECURE CODING ON LINE TRAINING PROGRAM AppSec Labs is an expert application security company serving as a center of excellence in the field of application security for hundreds of organizations around the globe In order to provide a scalable, cost effective solution for companies wishing to improve developer's knowledge of Application Security, AppSec Labs has created a series of E learning based application security courses THE APPLICATION SECURITY E LEARNING ADDED VALUES: COMPLIANCE Almost all regulations require security training for development teams -our e-learnings' provide a complete solution for complying with regulations such as PCI, HIPAA and ISO 270001 application security training requirements. NEW EMPLOYEE TRAINING new comers to your team can get immediate access to the course and can be required to pass the training and acquire the security knowledge they need from the get go KNOWLEDGE BASE FOR SECURE CODING BEST PRACTICES training is great but with our e learning solutions developers have FREE ACCESS to the e learnings for as long as you are licensed and can use the e learnings on the fly to help implement security best practices throughout work. CERTIFICATION Following completion of all chapters the students will be directed to a final exam- once passing the final exam, the student will receive a completion certificate.

APPSEC LABS ACADEMY E LEARNING ADVANTAGES FLEXIBILITY - Trainees can go through the training program at times that are comfortable for them, on the organizational level this is a major advantage because the training isn t confined to a rigid time and location enabling the organization to keep work processes running as usual without needing to cause employees loss of full work days. REDUCED TRAINING TIMES - traditional classroom methods are time consuming, E learning time is estimated to be a quarter of live class room time, meaning that each hour of E learning is equivalent to 4 hours of class room training. REDUCTION OF TRAINING COSTS - deployment of global training is a costly affair transportation and accommodation of trainers, training cost per class and lost time of development teams make class room training a costly affair...

APPSEC LABS ON LINE COURSE CATALOG APPSEC LABS OFFERS THE FOLLOWING COURSES IN E LEARNING MODE: Course Title Target Audience Duration Fundamentals of Application Security OWASP top 10 Developers, QA, System designers/architects, managers 90-120 Minutes Secure Coding Fundamentals for developers of all technologies Developers, QA, System designers/architects, managers 90-120 Minutes Java Secure Coding Java Developers 5-6 hours NET Secure Coding Net Developers 5-6 hours Android Secure Coding Android Developers 3-4 hours ios Secure Coding HTML5, JS & Angular Secure Coding Exclusive!!!! Android Application Hacking BlackHat Edition ios Developers HTML5, JS & Angular Developers Security experts, penetration testers 3-4 hours 90-120 Minutes 6-7 hours All our trainings include: Audio Lectures and presentations Demo / simulation videos Detailed explanation Searchable content Final exam Certification Personal VM for hands on labs available for some courses TRAINING PLATFORM APPSEC LABS ACADEMY LMS All our trainings are performed via usage of the APPSEC LABS ACADEMY LMS which manages all courses, students and trainers and of course our hands-on labs. HANDS-ON LABS & VIRTUAL MACHINES In order to minimize the gap between academic knowledge and the real world, we have developed a unique cloud-based environment. This enables our students to practice what they learned in our course and gain hands-on experience. Each student will get access to a personal virtual machine fully loaded for performing the exercise labs.

JAVA Secure Coding JAVA SECUTE CODING JAVA SECURE CODING Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your J2ee applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. The courses cover major security principles in the Java framework, the training includes programming vulnerabilities, and specific security issues relevant to J2EE web, JNLP applications. Unit 1: Introduction Unit 1 Appendix: Tools Unit 2: Input Validation Unit 3: Authentication Unit 4: Authorization Unit 5: Session & Cookie Management Unit 6: Dealing with Databases Unit 7: Output Encoding Unit 8: Error Handling Unit 9: Security Logging Unit 10: File Handling Unit 11: File Uploads Unit 12: Data Confidentiality and Integrity TARGET AUDIENCE Java Developers DURATION - 5-6 hours OPTIONAL - personal VM access for labs.

.NET Secure Coding.NET SECURE CODING Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your. Net applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. The courses cover major security principles in the.net framework, the training includes programming vulnerabilities, and specific security issues relevant to.net applications. Unit 1: Introduction Unit 7: Output Encoding Unit 1 Appendix: Tools Unit 8: Error Handling Unit 2: Input Validation Unit 9: Security Logging Unit 3: Authentication Unit 10: File Handling Unit 4: Authorization Unit 11: File Uploads Unit 5: Session & Cookie Management Unit 12: Data Confidentiality and Integrity Unit 6: Dealing with Databases DURRATION - 5-6 HOURS TARGET AUDIENCE NET Developers OPTIONAL - personal VM access for labs.

Android Secure Coding ANDROID SECURE CODING ANDROID SECURE CODING Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your Androids applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. The courses cover major security principles for securing Android applications, the training includes programming vulnerabilities, and specific security issues relevant to Android applications. Unit 1: Intro to Mobile Application Secure Coding Unit 2: Intro to Android Application Security Model Unit 3: Android Permission Model Unit 4: Secure Communication - Traffic Analysis & Manipulation Unit 5: Secure Cryptography Unit 6: Authentication and Authorization Unit 7: Secure IPC Unit 8: Reversing and Runtime Hooking Unit 9: Anti Reversing Techniques TARGET AUDIENCE Android developers DURATION - 3-4 hours

ios Secure Coding IOS SECURE CODING ios SECURE CODING Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your ios applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. The courses cover major security principles for securing ios applications, the training includes programming vulnerabilities, and specific security issues relevant to ios applications. Unit 1: IIntro to Mobile Application Secure Coding Unit 2: IIntroto ios Application Security Model Unit 3: Secure Storage Unit 4: Secure Communication Unit 5: Secure Cryptography Unit 6: Authentication and Authorization Unit 7: Reversing and Runtime Hooking Unit 8: Anti Reversing Techniques DURATION - 3-4 hours TARGET AUDIENCE ios development team members

HTML5, JS & Angular Secure Coding HTML5, JS & ANGULAR SECURE CODING HTML5, JS & ANGULAR SECURE CODING Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your HTML5, JS and Angular applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. The courses cover major security principles for securing HTML5, JS and Angular applications, the training includes programming vulnerabilities, and specific security issues relevant to HTML5, JS and Angular applications. Unit 1: Introduction to Application Security Unit 2: JavaScript Secure Coding Unit 3: Browser Security Policy Unit 4: HTML5 Secure Coding Unit 5: Angular2 Secure Coding TARGET AUDIENCE HTML5, JS &Angular development team members DURATION - 90-120 Minutes

Secure Coding For Developers - Fundamentals SECURE CODING FOR DEVELOPERS - FUNDAMENTALS SECURE CODING FOR DEVELOPERS - FUNDAMENTALS Secure programming is the best defense against hackers. This multilayered course will demonstrate live real time hacking methods, analyze the code deficiency that enabled the attack and most importantly, teach how to prevent such vulnerabilities by adopting secure coding best practices in order to bullet-proof your applications. The methodology of the Cycle of knowledge is as follows: Understand, Identify, Prevent. This methodology presents the student with analytical tools to keep a deeper understanding of coding vulnerabilities and implement security countermeasures in different areas of the software development lifecycle. 1. Security design best practices 2. Security coding best practices TARGET AUDIENCE Developers of all languages DURATION 90-120 Minutes a. Authentication b. Authorization and Access control c. Password management d. Input validation e. output encoding \ decoding f. File handling g. Session management h. Sensitive data protection & cryptography i. Secure communication j. Error handling k. Logging and auditing l. Secure configuration m. Secure data access n. Memory management 3. Security testing 4. Security code deployment best practices

Fundamentals of Application Security FUNDAMENTALS OF APPLICATION SECURITY FUNDAMENTALS OF APPLICATION SECURITY This course is an introduction to application security threats, demonstrating the security problems that exist in corporate systems with a strong emphasis on application security and secure design. This course covers the major security vulnerabilities including the OWASP top 10 vulnerabilities, and secure-design & coding best practices when designing and developing web applications & server-based services. This course s main objective is raising the awareness on the problems that might occur without secure coding practices. The training aims to teach software engineers their important role in the corporate effort to secure its systems, while utilizing information security best practices. The student will learn about the threat landscape and the controls he should use during the software development lifecycle. Unit 1: Injection Flaws Unit 2: Cross-Site Scripting (XSS) Unit 3: Broken Authentication & Session Management Unit 4: Insecure Direct Object References Unit 5: Cross-Site Request Forgery (CSRF) Unit 6: Security Misconfiguration Unit 7: Insecure Cryptographic Storage Unit 8: Failure to Restrict URL Access Unit 9: Insufficient Transport Layer Protection Unit 10: Unvalidated Redirects & Forwards TARGET AUDIENCE Developers, QA teams, System Architects, Managers DURATION: 90-120 Min The materials are presented in the following methodology: Definition, Impact, Example Scenarios, Demo Video, Counter measures CONTACT US FOR A DEMO TODAY: INFO@APPSEC-LABS.COM

SOME OF OUR ON LINE ACADEMY CUSTOMERS

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback