Learn to bridge the gap between security, development, and QA teams. Identify vulnerabilities, assess risks, and communicate solutions that improve application resilience and reduce business risk.
Overview
Syllabus
- Introduction to Application Security
- Welcome to Application Security, but before we start let's learn a little about who I am and the history of application security.
- Common Web Application Vulnerabilities
- In this lesson we will go over who is OWASP and talk about the OWASP Top 10 and recommendations/best practices to mediate them.
- Web Penetration Testing
- In this lesson we will go over techniques used to conduct penetration testing on a web application.
- Discovery Methodologies
- In this lesson we will go over Static Application Security Testing and how to read/modify them.
- Vulnerability Response
- In this section we are going to focus on report writing and how to calculate severity using CVSS v3.1.
- Mitigation and Verification
- We learned how to find and document all vulnerabilities, but we are not done just yet. Now we need to focus our efforts on communicating with the development and QA teams to achieve a more secure app.
- Vulnerable Web Application
- You are hired by a startup to identify how their web application was breached, what vulnerabilities do they have, and make recommendations on how they can mitigate these vulnerabilities.
Taught by
Dev Badlu
