Learn about how application vulnerabilities work, and how to fix them.
The workshop focuses on Core Application Security principles aimed at Product Developers, Architects, Program Managers and Testers. The workshop aims to equip the trainees with platform and technology agnostic remediation strategies against application security vulnerabilities.
In addition to the updated concepts of the OWASP Top 10, the workshop is replete with real-world case studies, demonstrations and hands-on exercises. The modules are designed to drive home the concept of building applications securely - irrespective of technology and platform.
- Deep-Dive Understanding of Injection Flaws like SQL Injection, Command Injection, Server-Side Template Injection and others
- Perform SQL Injection Attacks like a real-world adversary with the Cloud Labs and learn how it works
- Marc Armstrong, VGW
I think this was a fantastic training especially in terms of the quality of the labs. I've done a lot of different InfoSec trainings and the labs are usually a little haphazard. The labs in this training were structured in such a way that we could take this data and the labs themselves and keep working on the concepts discussed.
- Vedusha Chooramun, CBA and Bankwest Perth
I was expecting the course to be too basic but after getting some hands-on practice with the material I think it was really worth it in fact I felt the class enhanced the skills I already had. I'm taking away a lot of new techniques, new material which I can embed into my company. The trainer has been really great.
Our Application Security and Cloud Security programs is a regular feature at marquee application security conferences across the world.
Is this training specific to any programming language?
No. The training has been designed to be beneficial to product teams across the globe irrespective of the tech stack they use. All the vulnerability remediation assistance and best practices in application security imparted in the training are agnostic of platform or technology.
What level of existing security awareness is required for the audience?
This course is aimed at facilitating cross-skill development across the engineering community like developers, architects or QA teams. Hence attendees are not expected to have any prior understanding of security.
What would be some tangible takeaways from this training on a short to medium term basis?
The core objective of this course is to help engineering teams develop secure applications. Attendees will be given a detailed understanding of how vulnerabilities are exploited in the wild along with best practices that aid in secure application development.
Let’s face it, your application security sucks! But don’t fret, there’s hope yet. Here are 3 very critical things that organizations sometimes miss out on when trying to fix application security.
This webinar would showcase security vulnerabilities purely in light of its underlying code and emphasize on the practical differences between secure and insecure code.
These things don’t always mean the same thing. Read on to find out why a holistic approach to AppSec is absolutely required, rather than a purely exploit/bug hunting approach.