Application Security Training in Bangalore, Chennai, Mumbai, Pune, Delhi, Gurgaon, Noida, Muscat, Qatar, Dubai, Secure Coding Practices, OWASP Top 10, SAN CWE Top 25, Thread Modeling, Threat Profiling, SQL Injection, Privilege Escalation, Cross Site Scripting, Buffer Overflow, Web Application Security Testing, Assessment, Bootcamp, Workshop

Application Security

Application Security encompasses measures taken to prevent exceptions in the security policy of an application or the underlying system (vulnerabilities) through flaws in the design, development, or deployment of the application.

Security testing techniques scour for vulnerabilities or security holes in applications. These vulnerabilities leave applications open to exploitation. Ideally, security testing should be implemented throughout the entire software development life cycle (SDLC) so that vulnerabilities may be addressed in an appropriate manner. Unfortunately, testing is often conducted as an afterthought at the end of the development cycle.

About this workshop

Traditionally, security has been handled with a large focus on the network. Security budgets are allocated to defenses that are understood, not defenses that reduce the most risk. Many people understand what a firewall does but the problem is that a firewall will only mitigate threats at the network layer and not at the application layer.

With the rise of service-oriented architecture and the fact that more and more data is moving through port 80, the threat of a weak application is huge no matter how many firewalls you put in front of it. The workshop will help in understanding application security related controls in compliance standards like PCI-DSS, ISO 27001, SOX, etc. The entire training is driven by hands-on exercises and case studies to ensure all aspects have a real-life scenario-based approach.

Benefits

On completion of this workshop, participants will get a better understanding of

Application security attacks
Primary risks facing web applications
Threat Modeling
Threat Profiling
OWASP Top 10
CWE Top 25
Black Box Testing
Secure Code Reviews

Who should attend

This workshop will significantly benefit professionals developing secure applications and evaluating application security.

Software Developer (J2EE/ASP.NET)
Software Developer (J2EE/ASP.NET)
Design Architect
IS / IT Specialist / Analyst / Manager
IS / IT Auditor / Consultant
Security Specialist / Analyst
Security Manager / Architect
Security Consultant / Professional
Security Officer / Engineer
Security Administrator
Security Auditor
Software Engineer / Tester
Project Lead / Manager

Participants are expected to have some knowledge of software application security testing.

Workshop Outline

Introduction to Application Security
Application Architecture
Security Development Lifecycle
Web Application Vulnerabilities
Understanding vulnerabilities practical hands-on using insecure web applications
Threat Modeling - Application Security Controls
Secure Coding Techniques
Latest trends and security threats
Significant OWASP Projects
Continuous security testing and assessments

Customer Feedback

Name :
Email :
Mobile :
Organization :
Location :
Interested in :