A look into the world of cyber attackers and penetration testers. This training is designed for developers and testers who want to understand how security vulnerabilities are discovered, exploited, and avoided in practice.
Learn how attackers think so you can build secure software
Developers learn how an attacker sees a web application and its background services. Covers tools and methods used by penetration testers, giving the attendees an understanding on how vulnerabilities are discovered, exploited and avoided.
Duration
6h
Capacity
15–20 persons
For
Developers & testers
What we cover in the training
MORNING
Overview of a cyber attack How an attacker discovers and exploits security weaknesses of a web application and its background services
Security flaw categories What types of security flaws exist in systems and what are the typical causes
Fuzzing How security flaws are discovered using a combination of invalid input and error states of an application
Common security vulnerabilities A look into what the most common vulnerabilities look like, what causes them, what is their impact and how are they being exploited
AFTERNOON
Hands-on exercises Basics of discovering and exploiting common vulnerabilities
Developer resources Services, tools and other resources that developers can use to improve the security posture of the developed applications
Open source and third-party components How does using third party components, such as open-source libraries, affect the security of an application
Wrapping up & next steps
The actual agenda is planned together in the kick-off meeting.
Feedback from attendees
“It really felt that there were lot of things that are helpful for me as a developer. The real-life examples really helped to better understand different vulnerabilities and how they can be exploited.”
“Thanks for the course! The hands-on approach was good for the ’gut feeling’ of what cyber security vulnerabilities can be causing.”
“Very nice training! The trainer was clearly a professional and conveyed the topics clearly and understandably. The hands-on parts were interesting and provided concrete insights.”
Your certified and expert partner
Silverskin is a CREST-certified provider of penetration testing services. CREST is an international certification organisation for information security. Leading cybersecurity organisations such as GIAC and OffSec have certified our experts.
