Acquire programming skills and effectively secure a web server/application, manage security through an IT project, implement tools related to application security.
Day 1 morning
❏ Section 1 – Introduction
❏ Web overview
❏ Frameworks
❏ Legal framework
❏ Practical Work 1 / Quizz
❏ Section 2 – Web security principles
❏ Reminders about the web environment
❏ Web vulnerabilities
❏ Section 3 – Testing your application
❏ BurpSuite
❏ Fuzzing
❏ Code analysis
Day 1 afternoon
❏ Penetration testing
❏ Practical Work 2 / Application penetration testing
Day 2 morning
❏ Section 4 – Application hardening
❏ Securing your code
❏ Client/server hardening
Day 2 afternoon
❏ Practical Work 3 / Hardening of an application
Jour 3 matin
❏ Section 5 -Application Security Management (SDLC)
❏ DevOps Paradigms
❏ Secure Development LifeCycle
❏ Threat modeling
❏ Surface attack reduction
❏ Personal data
❏ Defence in depth
❏ Separation of privileges
❏ Secure by default
Section 6 – Continuous integration
❏ Code repositories
❏ Deployment tools
❏ Bug tracking
❏ Section 7 – Maturity models
❏ OPENSAMM
❏ BISMM
Day 3 afternoon
❏ Practical Work 4 / Studdy case of SDLC
General knowledge in web programming, web server administration, management
Developers / Pentesters / Administrators / IT Project Managers