COURSE DESCRIPTION

1er jour :

Introduction to the Web Application Vulnerability Assessment & Introduction to the Mobile Application Vulnerability Assessment

Training identity card:

• Type: Labs;
• Audience: Everyone that have already developed web applications;
• Technology: Web technologies.

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Web Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

• What is a Web Application Vulnerability Assessment?
• The different steps of this kind of assessment;
• The methodology used to rate the security issues;
• The open referential that can be used to conduct an assessment.

Introduction to the Mobile Application Vulnerability Assessment

Training identity card:

• Type: Labs;
• Audience: Everyone that have already developed mobile applications;
• Technology: Mobile technologies.

Objective:

The objective of this training is to allow the students to discover the offensive side of the Application Security about Mobile Application and practice it during a lab.

What the students will learn:

During this training, the students will discover:

• What is a Mobile Application Vulnerability Assessment?
• The different steps of this kind of assessment;
• The methodology used to rate the security issues;
• The open referential that can be used to conduct an assessment.

COURSE DESCRIPTION

2ème jour :

• Introduction to Secure coding
• Practical demonstrations of common vulnerabilities

Introduction to Secure Coding

Training identity card:

• Type: Theoretical;
• Audience: Everyone;
• Technology: Independent.

Objective:

The objective of this training is to introduce the students to the defensive side of the Application Security.

What the students will learn:

During this training, the students will discover:

• What is the Application Security?
• Why the security of an application is important for is life in the company information system?
• Principles of Secure Coding;
• Common security error meet during development and how to prevent them.

Practical demonstrations of common vulnerabilities

Training identity card:

• Type: Demonstration;
• Audience: All developers;
• Technology: Independent.

Objective:

The objective of this training is to present to the students different kinds of application vulnerabilities.

What the students will learn:

During this training, the students will discover:

• Different kind of vulnerabilities that are commonly present in applications;
• How to detect them;
• How to validate them;
• How to fix them;

COURSE DESCRIPTION

3ème jour :

Secure coding labs

Training identity card:

• Type: Labs;
• Audience: Developers with current competencies in the session development language;
• Technology: JAVA or .NET – Single technology by session.

Objective:

The objective of this training is to allow the students to manipulate the secure coding concepts and vulnerabilities seen during the trainings « Introduction to Secure Coding » and « Practical demonstrations of common vulnerabilities« .

What the students will learn:

During this training, the students will discover:

• How to identify the kind of attacks to which the application’s business features are exposed ;
• Derivate counter-measures from attacks identified;
• Implements counter-measures using the target technology build-in features or custom code depending on the attack and the technology capacities.