Developers learn how an attacker sees a web application and its background services. Covers tools and methods used by penetration testers, giving the attendees an understanding on how vulnerabilities are discovered, exploited and avoided.
Duration
6h
Capacity
15–20 persons
For
Developers & testers
Example agenda
MORNING
Overview of a cyber attack
How an attacker discovers and exploits security weaknesses of a web application and its background services
Security flaw categories
What types of security flaws exist in systems and what are the typical causes
Fuzzing
How security flaws are discovered using a combination of invalid input and error states of an application
Common security vulnerabilities
A look into what the most common vulnerabilities look like, what causes them, what is their impact and how are they being exploited
AFTERNOON
Hands-on exercises
Basics of discovering and exploiting common vulnerabilities
Developer resources
Services, tools and other resources that developers can use to improve the security posture of the developed applications
Open source and third-party components
How does using third party components, such as open-source libraries, affect the security of an application
Wrapping up & next steps
The actual agenda is planned together in the kick-off meeting.
Feedback from attendees
“It really felt that there were lot of things that are helpful for me as a developer. The real-life examples really helped to better understand different vulnerabilities and how they can be exploited.”
“Thanks for the course! The hands-on approach was good for the ’gut feeling’ of what cyber security vulnerabilities can be causing.”
“Very nice training! The trainer was clearly a professional and conveyed the topics clearly and understandably. The hands-on parts were interesting and provided concrete insights.”
Sertifioitu ja asiantunteva kumppani
Silverskin is a CREST certified penetration testing service provider. Continuous learning, etc.
