Fortify SAST and DAST for Developers

Kód kurzu: FT120

Táto časť nie je lokalizovaná

Fortify SAST and DAST for Developers is a two day training that explores how the Fortify product suite Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans for security vulnerabilities. As a student you will learn about the threats to applications, as well as the operation and remediation through the Fortify solution. With 70% hands-on activities you will learn how to utilize the Fortify SCA (Static Code Analyzer) and WebInspect.

Odborní
certifikovaní lektori

Mezinárodne
uznávané certifikácie

Široká ponuka technických
a soft skills kurzov

Skvelý zákaznicky
servis

Prispôsobenie kurzov
presne na mieru

Termíny kurzov

Počiatočný dátum: Individuálny

Forma: Prezenčná/Virtuálna

Dĺžka kurzu: 2 dni

Jazyk: en/cz

Cena bez DPH: 920 EUR

Registrovať

Počiatočný
dátum
Miesto
konania
Forma Dĺžka
kurzu
Jazyk Cena bez DPH
Individuálny Prezenčná/Virtuálna 2 dni en/cz 920 EUR Registrovať
G Garantovaný kurz

Nenašli ste vhodný termín?

Napíšte nám o vypísanoe alternatívneho termínu na mieru.

Kontakt

Cieľová skupina

Táto časť nie je lokalizovaná

Software/Application Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts

Štruktúra kurzu

Táto časť nie je lokalizovaná

Module 1: Application Security overview

  • Review the OWASP Top 10 2017
  • Recognize layers of Securing Data (whitebox and Blackbox testing)

Module 2: Fortify Static Scanning

  • Run several different types of scans using Fortify
  • Practice memory tuning to optimize scanning

Module 3: Scan Results in Audit Workbench (AWB)

  • Identify the findings in the Critical folder
  • Apply the appropriate validation method to remediate a given vulnerability in the Critical folder
  • Audit and suppress findings

Module 4: Fortify SCA (Static Code Analyzer) Metrics

  • Describe the Scanning Process
  • Explain the function of each Analyzer
  • Recognize how the findings are placed within each risk folder

Module 5: Fortify IDE Plugins

  • Configure and scan using the Fortify IDE plugins Visual Studio and Eclipse

Module 6: Analysis Trace and Remediating Vulnerabilities

  • Properly read the analysis trace
  • Learn how to remediate vulnerabilities

Module 7: WebInspect (WI) Application Exploits

  • Identify characteristics of Web-based application security defects
  • Recognize prevalent software attacks

Module 8: Dynamic Scanning with WI

  • Produce scans and create macros
  • Evaluate then remediate your scan results

Module 9: Mobile Scanning with WI

  • Recognize WebInpsect Mobile Templates, Devices and Software
  • Recognize the steps for Native Mobile Scanning

Module 10: Web Services and API Scanning

  • Describe Web Services (SOAP) scanning capabilities
  • Perform a Web services scan

Module 11: Application and Scan Settings

  • Review the primary application and default scan setting options in WebInspect

 

 

Predpokladané znalosti

Táto časť nie je lokalizovaná

To be successful in this course, you should have the following prerequisites or knowledge:

  • Basic programming skills (able to read Java, C/C++, or .NET)
  • Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)
  • Knowledge of Web and Application Development practices

Potrebujete poradiť alebo upraviť kurz na mieru?

daniel

Daniel Šťastný

pruduktová podpora