In Application Security for Developers training course, you will gain an understanding of application security vulnerabilities including the industry standard OWASP Top 10 list and learn strategies to defend against them. Pen testing (security testing) as an activity tends to capture security vulnerabilities at the end of the SDLC and then it is often too late to influence fundamental changes in the way the code is written.
Throughout this class, developers will be able to get on the same page with security professionals, understand their language, learn how to fix or mitigate vulnerabilities learnt during the class and get acquainted with some real-world breaches. The techniques discussed in this class are mainly focused on .NET, Java and NodeJS technologies owing to their huge adoption in various enterprises in building web applications. However, the approach is kept generic and developers from other language backgrounds can easily grasp and implement the knowledge learned within their own environments.
By attending Application Security for Developers workshop, delegates will learn:
- Industry standards such as OWASP top 10 with a practical demonstration of vulnerabilitiescomplemented with hands-on lab practice.
- Gain insights into the latest security vulnerabilities (such as host header injection, XML external entity injection, attacks on JWT tokens, deserialization vulnerabilities).
- Best security practices (Introduction to various security frameworks and tools and techniques for secure application development).
- Understand the financial repercussions of different vulnerabilities.
- Get on the same page with the security team while discussing vulnerabilities.
- Identify and Fix security vulnerabilities much earlier in the SDLC process saving time and effort.
- Basic understanding of how web applications work.
The Application Security for Developers class is ideal for:
- Web/API developers who work day-in-day out building full-stack web applications or web APIs.
- Anyone who is looking to develop a skill-set into web application security and identify web application flaws can also benefit from this course.