A 3-Day practical hands-on training to understand application security vulnerabilities and how to automate the defenses for the same.
AppSecOps is a 3-Day practical hands-on training to understand application security vulnerabilities and how to automate the defenses for the same. Provides insights into the latest security vulnerabilities such as host header injection, XML external entity injection, attacks on JWT tokens, SSRF Attacks, deserialization vulnerabilities etc... Attendees will learn how to defend themselves against such attacks and learn how to integrate the defenses by creating a DevSecOps environment.
The DevSecOps environment will be shown implemented by injecting security into Continuous Integration (CI), Continuous Delivery (CD), Continuous Monitoring (CM) and Infrastructure as Code (IaC) . A Short preview of the DevSecOps portion of the course is available for viewing here.
Authored by: NotSoSecure, part of Claranet Cyber Security.
Delivered by: NotSoSecure’s world-leading security experts are at the cutting edge of capability and train Fortune 500 and start-up companies around the globe. As one of the largest training providers at Black Hat they provide practical, hands-on, lab-based hacking for both on-site and via LIVE remote delivery. NotSoSecure Trainers are all professional penetration testers who bring real-life experience into the classroom, and have training experience at Black Hat and many other leading international security conferences. WE HACK.WE TEACH.
Apart from the various tools and content around the training Students will be provided with a 7 day lab access where they can practice all the exercises/demos shown during the training.
They shall also be provided with our custom built DevSecOps-Lab VM containing all the code, scripts and tools that are used for building the entire DevSecOps pipeline.
This class is ideal for Web/API developers who work day-in-day out building full-stack web applications
or web APIs. Anyone who is looking to develop a skillset into web application security and identify web application flaws can also benefit from this course.
DevOps engineers, security and solutions architects, system administrators and anybody who is a fan of automation will also strongly benefit from this course as it’ll give them a holistic approach towards application security.
Anybody with a background in IT or related to software development whether a developer or a manager can attend this course to get an insight about Web Application Security vulnerabilities, DevOps and DevSecOps.
A Laptop with minimum 4 GB RAM and 1 GB of extra space. Currently the tools provided by us support only Windows, MacOS and Debian operating systems.
UK and VirtualVisit
Lab-Based Training - Written by BlackHat Trainers - Available Globally
NotSoSecure classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform Penetration Testing on infrastructure / web applications as a day job & wish to add to their existing skill set.