Accès code bashing pendant 1 an compris après la formation !
Programme
1er jour
Introduction à la recherche de vulnérabilité dans les applications Web et Mobile.
- Introduction to the Web Application Vulnerability Assessment
- Introduction to the Mobile Application Vulnerability Assessment
Introduction to the Web Application Vulnerability Assessment
Training identity card:
- Type: Labs
- Audience: Everyone that have already developed web applications
- Technology: Web technologies
Objective:
The objective of this training is to allow the students to discover the offensive side of the Application Security about Web Application and practice it during a lab.
What the students will learn:
During this training, the students will discover:
- What is a Web Application Vulnerability Assessment?
- The different steps of this kind of assessment
- The methodology used to rate the security issues
- The open referential that can be used to conduct an assessment
Introduction to the Mobile Application Vulnerability Assessment
Training identity card:
- Type: Labs
- Audience: Everyone that have already developed mobile applications
- Technology: Mobile technologies
Objective:
The objective of this training is to allow the students to discover the offensive side of the Application Security about Mobile Application and practice it during a lab.
What the students will learn:
During this training, the students will discover:
- What is a Mobile Application Vulnerability Assessment?
- The different steps of this kind of assessment
- The methodology used to rate the security issues
- The open referential that can be used to conduct an assessment.
2ème jour
Introduction à la sécurité dans le développement avec les notions théoriques.
Démonstration des vulnérabilités les plus communes et des méthodes de défense pour s’en prémunir.
- Introduction to Secure coding
- Practical demonstrations of common vulnerabilities
Introduction to Secure Coding
Training identity card:
- Type: Theoretical
- Audience: Everyone
- Technology: Independent
Objective:
The objective of this training is to introduce the students to the defensive side of the Application Security.
What the students will learn:
During this training, the students will discover:
- What is the Application Security?
- Why the security of an application is important for is life in the company information system?
- Principles of Secure Coding
- Common security error meet during development and how to prevent them
Practical demonstrations of common vulnerabilities
Training identity card:
- Type: Demonstration
- Audience: All developers
- Technology: Independent
Objective:
The objective of this training is to present to the students different kinds of application vulnerabilities.
What the students will learn:
During this training, the students will discover:
- Different kind of vulnerabilities that are commonly present in applications
- How to detect them
- How to validate them
- How to fix them
3ème jour
Mise en pratique des cours théoriques à travers l’implémentation de la sécurité dans un projet vulnérable.
- Secure coding labs
- Accès plateforme de training (Java, .NET, PHP, Node.JS, Ruby on Rails, Python Django, C/C++, Android, iOS, Scala, Go)
Secure coding labs
Training identity card:
- Type: Labs
- Audience: Developers with current competencies in the session development language
- Technology: JAVA or .NET – Single technology by session
Objective:
The objective of this training is to allow the students to manipulate the secure coding concepts and vulnerabilities seen during the trainings « Introduction to Secure Coding » and « Practical demonstrations of common vulnerabilities ».
What the students will learn:
During this training, the students will discover:
- How to identify the kind of attacks to which the application’s business features are exposed
- Derivate counter-measures from attacks identified
- Implements counter-measures using the target technology build-in features or custom code depending on the attack and the technology capacities.