Application Security

Description

PRODUCT/COURSE DESCRIPTION

Most of the cyber-attacks directed at a business network are preventable with proper vulnerability management. This course prepares learners with what they can do to effectively manage vulnerabilities and keep the network safe from attack. Through the Application Security course, learners will be able to acquire necessary skills to be proficient in; vulnerability assessment for applications, performing source code review, testing the source code, suggesting remediation actions, perform hardening and monitor organizations traffic and logs for threats.

PREREQUISITES

Diploma in Engineering with 1 year of full-time work experience or Bachelor’s Degree in Science/Technology/Computers with 0-6 months of full-time work experience in Information/ Cybersecurity

COURSE OUTLINE

The Application Security course will help learners to acquire necessary skills related to; vulnerability assessment for applications, performing source code review, testing the source code, suggesting remediation actions, perform hardening and monitor organizations traffic and logs for threats. This course consists of topics like:

• Penetration Testing & Vulnerability Scanning
• Vulnerability Types
• Application based vulnerabilities
• System & Application security
• Software Testing fundamentals
• Developing secure networks
• Defensive Programming Standards
• Secure Versioning & Analysis
• Intrusion Prevention
• Information System Audit
• Patch Management Strategies
• Vulnerabilities and Exploits
• Reporting & Communication
• Business & Industry Influences and Risks
• Network Reconnaisance & Telemetry
• YANG Model & Model Driven Telemetry

 LEARNING OBJECTIVES

• Explain the use cases, common roles, and basic operating procedures followed by organizations in the context of cybersecurity
• Describe the security threats associated with network and ICT devices, and commonly used security solutions
• Evaluate the fundamentals of programming for reading and writing scripts
• Explain the methods to identify and resolve key vulnerabilities in applications, including penetration testing
• Describe the methods to secure application configuration across environments
• Define and implement an appropriate patch management strategy
• Explain the use of SIEM tools in monitoring application security
• Use different approaches to effectively manage and share data and information

TOOLS USED

Probely, Wireshark, Metasploit, Wireshark, nmap, Kali Linux, Maltego, FOCA, Burp, W3af, Wfuzz, WAPITI,ZAP, SQLMAP, Cloud security tools (GCP Cloud security scanner, AWS Security suite, Azure OWASP suite), Patch Management tools like SolarWinds etc., AlienVault, Nexpose, reporting tools like SumoLogic/AlienVault feature for reporting etc.

COURSE DURATION: 234 HOURS

Theory — 60 hours

Practical — 170 hours

COST

INR 20060.00