Application Security Essentials
A security perspective for product development and DevOps teams to help them build applications that are secure by design.
Core AppSec Principles
Learn best practices in security through detailed understanding of flaws.
Gain a thorough understanding of how exploitation of vulnerabilities happen in the wild.
Learn platform and technology agnostic remediation strategies against common AppSec vulnerabilities.
Threat Modeling In Agile
Learn how to capture threat models in an actionable way, linking it to security test cases to ensure comprehensive risk coverage.
Tailor Make Test Cases
Derive test cases tailor made for your application to get the best out of your application security testing.
Capture Abuser Stories
Learn how to use user and abuser stories to create threat models with comprehensive threat coverage.
Learn how to perform Threat Modeling for iterative product releases using Threat Playbook.
OWASP ZAP Masterclass
Learn how to get the best out of OWASP's Zed Attack Proxy to perform advanced vulnerability detection and exploitation
Integration with CI/CD
Integrate OWASP ZAP within Continuous Integration and Deployment environments.
IMPROVE EFFICIENCY OF DAST
Learn how to leverage functional automation scripts to perform “parameterized” scanning with ZAP
SCRIPTING WITH ZAP
Create custom scripts to perform everything from Reconnaissance to Advanced Vulnerability Detection and Exploitation
AWS Security Training
Discover manual and automated approaches to deploying and provisioning resources on Amazon Web Services in a secure manner.
Tools of the trade
Identify vulnerabilities in AWS environments using powerful tools like CS-Suite, prowler and lynis.
Build a secure AWS deployment as a practical exercise to help internalize theoretical concepts.
Use KMS encryption to secure secrets and other sensitive information across AWS.
DevSecOps & AppSec Automation
Learn how to use automation to integrate security with the application development process in a DevOps environment.
Shift Security Left
Learn how to incorporate application security within your continuous delivery pipeline.
Leverage functional automation scripts to reduce security testing time for iterative product releases.
Tool chain setup
Optimally configure DAST/SAST tools to ensure minimal disruption of development workflow.
Container & Orchestration Security
Learn how to secure applications built using container tech like Docker and orchestration platforms like Kubernetes
Develop a comprehensive understanding of underlying container architecture.
Comprehensive Threat Coverage
Learn about security threats that are specific to containerized deployments.
Our training is replete with practical exercises that simulate real world threat scenarios.
Learn how to secure applications that are built using Serverless technology which is undoubtedly the next "big thing" in the world of distributed applications.
Understanding The Threat Landscape
This training will help attendees identify the much larger attack surface with hands-on exercises.
Security Responsibility Model
Understand the security responsibility model involving most Serverless frameworks.
Capture The Flag
Put theoretical learning to practice through our challenging CTF session
Secrets of Secrets
Learn how to manage secrets and sensitive information secure in cloud native environments
Common Secrets Management Anti-patterns
Hands-on view of vulnerable secrets implementations from the real world
Good Secrets Management
Learn overarching principles of good secrets management.
Emphasis on Major Service Providers
Focus on secret management with major cloud service providers like AWS, GCP & Azure