Cursos

AppSecOps

1,850.00 +Iva

Dias: 4
Duração: 24 horas
Próxima Data: 24/05/2021 a 27/05/2021
Área: Cibersegurança
Certificação Associada: N/A
Local: Lisboa e Porto

Quero inscrever-me
REF: NSSASC Categoria: Etiqueta:

Descrição

AppSecOps is a 4-Day practical hands-on training to understand application security vulnerabilities and how to automate the defenses for the same. Provides insights into the latest security vulnerabilities such as host header injection, XML external entity injection, attacks on JWT tokens, SSRF Attacks, deserialization vulnerabilities etc… Attendees will learn how to defend themselves against such attacks and learn how to integrate the defenses by creating a DevSecOps environment.
The DevSecOps environment will be shown implemented by injecting security into Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code (IaC) . Every delegate will be provided a personalized cloud setup of our DevSecOps lab for hands-on implementation of various security tools in the CI/CD/CM pipeline.

Destinatários

• Any person who wishes to learn about application security vulnerabilities and understand more about their impact
• Developers who create web applications in any language can attend
• Any technical person having a basic knowledge of how web applications work or is responsible for Implementing, managing or protecting web applications
• Any DevOps engineer looking to automate security

Programa

• Application Security Basics
• Understanding the HTTP Protocol
• Security Misconfigurations
• Insufficient Logging and Monitoring
• Authentication Flaws
• Authorization Bypass Techniques
• Cross-Site Scripting (XSS)
• Cross-Site Request Forgery Scripting
• Server-Side Request Forgery (SSRF)
• SQL Injection
• XML External Entity (XXE) Attacks
• Unrestricted File Uploads
• Deserialization Vulnerabilities
• Client-Side Security Concerns
• Source Code Review
• Introduction to DevOps
• Introduction to DevSecOps
• Continuous Integration
• Continuous Delivery
• Infrastructure As Code
• Continuous Monitoring
• DevSecOps in AWS
• DevSecOps Challenges and Enablers

Pré-requisitos

The only requirement for this class is that you bring your own laptop with minimum version JDK 8.0 installed with administrator rights and lots of caffeine!

Outras datas

26/07/2021 a 29/07/2021

20/09/2021 a 23/09/2021

23/11/2021 a 26/11/2021