PENETRATION TESTING
Required background: basic security knowledge and experience in secure coding
Number of training days: 3 days
Training objective:
Participants will gain deeper knowledge in secure coding to be able to avoid advanced attack methods.
Description of the training:
We will learn in detail the principles of the Open Worldwide Application Security Project (OWASP) and the most common security risks they identify, and learn how to effectively prevent and manage them. In addition, we will review advanced attack techniques that malicious hackers may try and learn about the defence mechanisms that can be used to protect against them. The focus of the course will be on secure coding practices that will help you to design and write secure code more consciously. Finally, through practical exercises, we will learn the practical application of penetration testing basics to test the security and vulnerabilities of our own applications.
Detailed topics:
Day 1: OWASP principles and security risks
- Introduction to OWASP (Open Worldwide Application Security Project)
- Identification and analysis of common security risks
- OWASP Top 10 – The biggest risks of today
Day 2: Secure coding and protection mechanisms
- Secure coding principles and practical techniques
- Input validation and data management best practices
- Defence mechanisms and requirements against the most common attack vectors (e.g. SQL Injection, Cross-Site Scripting)
Day 3: Penetration testing and practical exercises
- Penetration testing principles and methods
- Penetration testing principles and techniques
- Practical exercises and case studies on the application of penetration testing
ARE YOU INTERESTED IN? WRITE US!