secure php code review

Secure Code Review is a process which identifies the insecure piece of code which may cause a potential vulnerability in a later stage of the software development process, ultimately leading to an insecure application. In many industries, including the healthcare and payment verticals, secure code reviews are a mandatory part of the compliance requirement, and they offer an added layer of security before your application is released. Whether mandated or not, secure code reviews offer an added value for the security of your application and the organization at large.All the insecurities based on OWASP Top 10 and MITRE Top 25 industry classifications



REAL LIFE CASE STUDIES



INSTRUCTOR-LED SESSIONS



INDUSTRY DRIVEN CERTIFICATION



DAILY ASSIGNMENTS



STUDENT LEARNING KIT

syllabus

module 1 : basic web terminologies

Introduction to SAST
Global Standards & Frameworks
Web Technologies – front-end and back-end technology
Web application architecture
Http Methods,Error Codes, Cookie Basics , Frameworks etc.

module 2 : Web application methodlogies

Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities (XXE)
Broken Access Control
Security Misconfiguration
Cross-Site Scripting (XSS)
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging & Monitoring

module 3 : deep-dive with burpsuite

Systematic approach to enumerate the target , proxy setup , intruder , decoder , comparer , extender , sequencer ,collaborater , infiltrator , macros and engagement tools will be covered in depth

module 4 : Appsec tetsting

Configuration and Deployment Management Testing
Authentication Testing
Authorization Testing
session management & cookies issues
Remote website issues
Including & serving issues
Database issues
miscellaneous PHP insecurities
Shared hosting security issues

module 6 : web app corporoate methodologies

Threat Modelling
Agile Methodology
Secure SDLC guidelines
DevSecOps methodliges
Vulnerability countermeasures

module 6 : Static code analysis defense

security of configuration files
Database security
Web server security guidelines
secure code review guidelines

who should attend this training?

Freshers
Ethical hackers
Programmers
Security Analyst
Security Engineers
Bug bounty hunters
Security Professionals

why should i take this training?

The era of the technology is now growing every day but due to dependency on the technology cyber frauds and attacks are also increased so to take defense for yourself and your business this is best suitable training to take entry in this domain.

prerequisite of the training ?

The person should familiar with basic computer operations

What is total duration of the training ?

Its an Instructor-led online training and the total duration of the training is 40 hours.