Application Security Essentials
A security perspective for product development and DevOps teams to help them build applications that are secure by design.
Core AppSec Principles
Learn best practices in security through detailed understanding of flaws.
Gain a thorough understanding of how exploitation of vulnerabilities happen in the wild.
Learn platform and technology agnostic remediation strategies against common AppSec vulnerabilities.
Threat Modeling In Agile
Learn how to capture threat models in an actionable way, linking it to security test cases to ensure comprehensive risk coverage.
Tailor Make Test Cases
Derive test cases tailor made for your application to get the best out of your application security testing.
Capture Abuser Stories
Learn how to use user and abuser stories to create threat models with comprehensive threat coverage.
Learn how to perform Threat Modeling for iterative product releases using Threat Playbook.
Attacking and Defending Containers, Kubernetes and Serverless
Get a practical approach with both Offensive and Defensive flavours designed from real-world attacks that will help implement security in a scalable manner
Attacking applications leveraging containers, kubernetes and serverless technology requires specific skill set and a deep understanding of the fundamentals
Purple Team Approach
Offensive and Defensive view of containers, kubernetes and serverless making it ideal for security engineers, red-teammers, devops engineers and developers!
Automated Security Pipelines
Security specific CI/CD pipelines that helps scale security with your services
AWS Security Training
Discover manual and automated approaches to deploying and provisioning resources on Amazon Web Services in a secure manner.
Tools of the trade
Identify vulnerabilities in AWS environments using powerful tools like CS-Suite, prowler and lynis.
Build a secure AWS deployment as a practical exercise to help internalize theoretical concepts.
Use KMS encryption to secure secrets and other sensitive information across AWS.
DevSecOps & AppSec Automation
Learn how to use automation to integrate security with the application development process in a DevOps environment.
Shift Security Left
Learn how to incorporate application security within your continuous delivery pipeline.
Leverage functional automation scripts to reduce security testing time for iterative product releases.
Tool chain setup
Optimally configure DAST/SAST tools to ensure minimal disruption of development workflow.
Container & Kubernetes Security
Learn how to secure applications built using container tech like Docker and orchestration platforms like Kubernetes
Develop a comprehensive understanding of underlying container architecture.
Comprehensive Threat Coverage
Learn about security threats that are specific to containerized deployments.
Our training is replete with practical exercises that simulate real world threat scenarios.
Learn how to secure applications that are built using Serverless technology which is undoubtedly the next "big thing" in the world of distributed applications.
Understanding The Threat Landscape
This training will help attendees identify the much larger attack surface with hands-on exercises.
Security Responsibility Model
Understand the security responsibility model involving most Serverless frameworks.
Capture The Flag
Put theoretical learning to practice through our challenging CTF session
Learn how to manage secrets and sensitive information secure in cloud native environments
Common Secrets Management Anti-patterns
Hands-on view of vulnerable secrets implementations from the real world
Good Secrets Management
Learn overarching principles of good secrets management.
Emphasis on Major Service Providers
Focus on secret management with major cloud service providers like AWS, GCP & Azure