COURSE DESCRIPTION

1er jour :

Introduction to the Web Application Vulnerability Assessment & Introduction to the Mobile Application Vulnerability Assessment

Training identity card:

• Type: Labs;
• Audience: Everyone that have already developed web applications;
• Technology: Web technologies.

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Web Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

• What is a Web Application Vulnerability Assessment?
• The different steps of this kind of assessment;
• The methodology used to rate the security issues;
• The open referential that can be used to conduct an assessment.

Introduction to the Mobile Application Vulnerability Assessment

Training identity card:

• Type: Labs;
• Audience: Everyone that have already developed mobile applications;
• Technology: Mobile technologies.

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Mobile Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

• What is a Mobile Application Vulnerability Assessment?
• The different steps of this kind of assessment;
• The methodology used to rate the security issues;
• The open referential that can be used to conduct an assessment.

COURSE DESCRIPTION

2ème jour :

• Introduction to Secure coding
• Practical demonstrations of common vulnerabilities

Introduction to Secure Coding

Training identity card:

• Type: Theoretical;
• Audience: Everyone;
• Technology: Independent.

Objective:

The objective of this training is to introduce the students to the defensive side of the Application Security.

What the students will learn:

During this training, the students will discover:

• What is the Application Security?
• Why the security of an application is important for is life in the company information system?
• Principles of Secure Coding;
• Common security error meet during development and how to prevent them.

Practical demonstrations of common vulnerabilities

Training identity card:

• Type: Demonstration;
• Audience: All developers;
• Technology: Independent.

Objective:

The objective of this training is to present to the students different kinds of application vulnerabilities.

What the students will learn:

During this training, the students will discover:

• Different kind of vulnerabilities that are commonly present in applications;
• How to detect them;
• How to validate them;
• How to fix them;

COURSE DESCRIPTION

3ème jour :

Secure coding labs

Training identity card:

• Type: Labs;
• Audience: Developers with current competencies in the session development language;
• Technology: JAVA or .NET – Single technology by session.

Objective:

The objective of this training is to allow the students to manipulate the secure coding concepts and vulnerabilities seen during the trainings “Introduction to Secure Coding” and “Practical demonstrations of common vulnerabilities“.

What the students will learn:

During this training, the students will discover:

• How to identify the kind of attacks to which the application’s business features are exposed ;
• Derivate counter-measures from attacks identified;
• Implements counter-measures using the target technology build-in features or custom code depending on the attack and the technology capacities.