secure php code review

Secure Code Review is a process which identifies the insecure piece of code which may cause a potential vulnerability in a later stage of the software development process, ultimately leading to an insecure application. In many industries, including the healthcare and payment verticals, secure code reviews are a mandatory part of the compliance requirement, and they offer an added layer of security before your application is released. Whether mandated or not, secure code reviews offer an added value for the security of your application and the organization at large.All the insecurities based on OWASP Top 10 and MITRE Top 25 industry classifications

REAL LIFE CASE STUDIES

INSTRUCTOR-LED SESSIONS

INDUSTRY DRIVEN CERTIFICATION

DAILY ASSIGNMENTS

STUDENT LEARNING KIT

 

syllabus

syllabus 

module 1 : basic web terminologies
  • Introduction to SAST 
  • Global Standards & Frameworks
  • Web Technologies – front-end and back-end technology
  • Web application architecture
  • Http Methods,Error Codes, Cookie Basics , Frameworks etc.
module 2 : Web application methodlogies
  • Injection
  • Broken Authentication
  • Sensitive Data Exposure
  • XML External Entities (XXE)
  • Broken Access Control
  • Security Misconfiguration
  • Cross-Site Scripting (XSS)
  • Insecure Deserialization
  • Using Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring

 

module 3 : deep-dive with burpsuite

Systematic approach to enumerate the target , proxy setup , intruder , decoder , comparer , extender , sequencer ,collaborater , infiltrator , macros and engagement tools will be covered in depth

 

module 4 : Appsec tetsting
  • Configuration and Deployment Management Testing
  • Authentication Testing
  • Authorization Testing
  • session management & cookies  issues
  • Remote website issues
  • Including & serving issues
  • Database issues
  • miscellaneous PHP insecurities
  • Shared hosting security issues

 

 

module 6 : web app corporoate methodologies
  • Threat Modelling
  • Agile Methodology
  • Secure SDLC guidelines
  • DevSecOps methodliges
  • Vulnerability countermeasures
module 6 : Static code analysis defense
  • security of configuration files
  • Database security 
  • Web server security guidelines
  • secure code review guidelines
who should attend this training?
  • Freshers

  • Ethical hackers

  • Programmers

  • Security Analyst

  • Security Engineers

  • Bug bounty hunters

  • Security Professionals

why should i take this training?

The era of the technology is now growing every day but due to dependency on the technology cyber frauds and attacks are also increased so to take defense for yourself and your business this is best suitable training to take entry in this domain.

pri-requisite of the training ?

The person should familiar with basic computer operations 

What is total duration of the training ?
Its an Instructor-led online training and the total duration of the training is 40 hours.

For more info kindly connect with us 

13 + 13 =

Our clients

Testimonials

Today I’ve completed my one 2 one online training by Mr Naresh sir from Certcube Labs .
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
Satyam Singh

BCA, Delhi University

A good place to learn every small detail in cybersecurity.Really nice and helpful teacher.

subhum

Btech, BITS Mesra

together Let’s Create the future

1 + 5 =