Application Security for Security Professionals
Security professionals come from all backgrounds and technical disciplines. For some of us, our careers require us to support fast moving application development teams regardless of whether we have ever actively developed software before (or indeed worked with developers). That makes keeping our applications safe, especially challenging.
This course allows security professionals to gain hands on experience with common web application vulnerabilities whilst learning more about how to coach and work with development teams to avoid them happening.
Our 2 day course provides an engaging and safe environment to get hands on with application security and learn how to work with application developers to build security into their world.
This course is aligned with the Open Web Application Security Project (OWASP) top 10 application security vulnerabilities. These include:
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
Using Components with Known Vulnerabilities
Unvalidated Redirects and Forwards
In addition to these vulnerabilities, students will gain skills and experience with the following:
Modern development styles, approaches and architectures
Motivations and mindsets shared across development teams
Fostering security culture change from outside of the development area
Scaling security support without scaling the number of security people you have
This course is designed to be hands on and interactive. Lecture material is combined with a range of custom built labs to test students and let them experiment with the vulnerabilities in action.
Individual or small team?
Larger team? (6 + people)
2 days (08:30 - 16:30)
SUITABLE FOR ROLES
All security roles supporting application development teams
Price per person
$1200 (excluding GST)