• Learn Security Best Practices
    empty
    through detailed understanding of flaws from the OWASP Top 10, WASC Top 25 and SANS Top 20
  • Workshop has the most updated content
    empty
    with detailed training on security best practices from oAuth, SAML, JWT and so on.
  • Practical, platform agnostic content
    empty
    that can applied across any development platform

APPLICATION SECURITY

(2 Day Certificate Workshop)

Learn “Security through Insecurity” with powerful hands-on exercises designed on our intentionally vulnerable, application and web services stack.

KNOW MORE & REGISTER

APPLICATION SECURITY

(2 Day Certificate Workshop)

Learn “Security through Insecurity” with powerful hands-on exercises designed on our intentionally vulnerable, application and web services stack.

KNOW MORE & REGISTER
  • Learn Security Best Practices
    empty
    through detailed understanding of flaws from the OWASP Top 10, WASC Top 25 and SANS Top 20
  • Workshop has the most updated content
    empty
    with detailed training on security best practices from oAuth, SAML, JWT and so on.
  • Practical, platform agnostic content
    empty
    that can applied across any development platform

AGILE SECURITY (DEVSECOPS)

(2 Day Certificate Workshop)

Design and build a security pipeline using our intentionally vulnerable application and toolchain scripts for SAST, DAST and custom security automation 

KNOW MORE & REGISTER
  • Perform practical exercises
    empty
    that showcase integration of security automation with continuous integration (CI) services like Jenkins
  • Exposure to hi-technology security concepts
    empty
    like Container Security, Infrastructure as Code scripts
  • Hands-on Exercises
    empty
    and detailed insights into Secrets Management for DevOps using custom apps and techniques
  • Learn DevSecOps implementation from experts
    empty
    with “trench” experience in implementing security pipelines for challenging DevOps environments.
  • Learn to perform
    empty
    practical, scalable and effective threat modeling for your rapid-scale DevOps environment.
  • Learn how you can implement effective Threat Modeling
    empty
    that feeds into your SAST, DAST, Incident Management, Security Requirements Specs, Table-top exercises and so on.
  • Deep-dive into Threat Modeling
    empty
    with STRIDE, Attack Tree and related methodologies
  • Tips and Tricks to build
    empty
    in prioritization, business impact and relevance to Threat Modeling processes

THREAT MODELING

(1 Day Certificate Workshop)

Understand Application Threat Modelling from renowned experts on Application Security with practical threat profile simulations

KNOW MORE & REGISTER

THREAT MODELING

(1 Day Certificate Workshop)

Understand Application Threat Modelling from renowned experts on Application Security with practical threat profile simulations

KNOW MORE & REGISTER
  • Learn to perform
    empty
    practical, scalable and effective threat modeling for your rapid-scale DevOps environment.
  • Learn how you can implement effective Threat Modeling
    empty
    that feeds into your SAST, DAST, Incident Management, Security Requirements Specs, Table-top exercises and so on.
  • Deep-dive into Threat Modeling
    empty
    with STRIDE, Attack Tree and related methodologies
  • Tips and Tricks to build
    empty
    in prioritization, business impact and relevance to Threat Modeling processes

ZAP Master Class workshop:

(1 Day Workshop)

 Learn how to use ZAP as a security testing tool within your continuous delivery pipeline and as to how it can be leveraged by Security Engineers to create custom scripts to perform advanced vulnerability detection and exploitation

KNOW MORE & REGISTER
  • Use of OWASP ZAP within Continuous Integration and Deployment environments - For instance, use of ZAP for continuous scanning with CI services like Jenkins
  • Leveraging Functional Automation Tests written in Selenium and other Unit Testing Frameworks to perform “parameterized” scanning with ZAP
  • Leveraging ZAP’s powerful Scripting Framework to create custom scripts to perform everything from Reconnaissance to Advanced Vulnerability Detection and Exploitation
  • Extend ZAP’s capability to Acceptance Driven Testing, with we45’s powerful Robot Framework integration for OWASP ZAP