Secure Development

Accueil » Formations » Data » Secure Development

Formation mise à jour régulièrement ! Accès code bashing pendant 1 an compris après la formation !

1980 € HT 3 jours DEV-SECURE

Accès code bashing pendant 1 an compris après la formation !

Programme

1er jour

Introduction à la recherche de vulnérabilité dans les applications Web et Mobile.

  • Introduction to the Web Application Vulnerability Assessment
  • Introduction to the Mobile Application Vulnerability Assessment

Introduction to the Web Application Vulnerability Assessment

Training identity card:

  • Type: Labs
  • Audience: Everyone that have already developed web applications
  • Technology: Web technologies

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Web Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

  • What is a Web Application Vulnerability Assessment?
  • The different steps of this kind of assessment
  • The methodology used to rate the security issues
  • The open referential that can be used to conduct an assessment

Introduction to the Mobile Application Vulnerability Assessment

Training identity card:

  • Type: Labs
  • Audience: Everyone that have already developed mobile applications
  • Technology: Mobile technologies

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Mobile Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

  • What is a Mobile Application Vulnerability Assessment?
  • The different steps of this kind of assessment
  • The methodology used to rate the security issues
  • The open referential that can be used to conduct an assessment.

2ème jour 

Introduction à la sécurité dans le développement avec les notions théoriques.
Démonstration des vulnérabilités les plus communes et des méthodes de défense pour s’en prémunir.

  • Introduction to Secure coding
  • Practical demonstrations of common vulnerabilities

Introduction to Secure Coding

Training identity card:

  • Type: Theoretical
  • Audience: Everyone
  • Technology: Independent

Objective:

The objective of this training is to introduce the students to the defensive side of the Application Security.

What the students will learn:

During this training, the students will discover:

  • What is the Application Security?
  • Why the security of an application is important for is life in the company information system?
  • Principles of Secure Coding
  • Common security error meet during development and how to prevent them

Practical demonstrations of common vulnerabilities

Training identity card:

  • Type: Demonstration
  • Audience: All developers
  • Technology: Independent

Objective:

The objective of this training is to present to the students different kinds of application vulnerabilities.

What the students will learn:

During this training, the students will discover:

  • Different kind of vulnerabilities that are commonly present in applications
  • How to detect them
  • How to validate them
  • How to fix them

3ème jour

Mise en pratique des cours théoriques à travers l’implémentation de la sécurité dans un projet vulnérable.

  • Secure coding labs
  • Accès plateforme de training (Java, .NET, PHP, Node.JS, Ruby on Rails, Python Django, C/C++, Android, iOS, Scala, Go)

Secure coding labs

Training identity card:

  • Type: Labs
  • Audience: Developers with current competencies in the session development language
  • Technology: JAVA or .NET – Single technology by session

Objective:

The objective of this training is to allow the students to manipulate the secure coding concepts and vulnerabilities seen during the trainings « Introduction to Secure Coding » and « Practical demonstrations of common vulnerabilities ».

What the students will learn:

During this training, the students will discover:

  • How to identify the kind of attacks to which the application’s business features are exposed
  • Derivate counter-measures from attacks identified
  • Implements counter-measures using the target technology build-in features or custom code depending on the attack and the technology capacities.