secure php code review
Secure Code Review is a process which identifies the insecure piece of code which may cause a potential vulnerability in a later stage of the software development process, ultimately leading to an insecure application. In many industries, including the healthcare and payment verticals, secure code reviews are a mandatory part of the compliance requirement, and they offer an added layer of security before your application is released. Whether mandated or not, secure code reviews offer an added value for the security of your application and the organization at large.All the insecurities based on OWASP Top 10 and MITRE Top 25 industry classifications
REAL LIFE CASE STUDIES
INSTRUCTOR-LED SESSIONS
INDUSTRY DRIVEN CERTIFICATION
DAILY ASSIGNMENTS
STUDENT LEARNING KIT
syllabus
syllabus
module 1 : basic web terminologies
- Introduction to SAST
- Global Standards & Frameworks
- Web Technologies – front-end and back-end technology
- Web application architecture
- Http Methods,Error Codes, Cookie Basics , Frameworks etc.
module 2 : Web application methodlogies
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Cross-Site Scripting (XSS)
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging & Monitoring
module 3 : deep-dive with burpsuite
Systematic approach to enumerate the target , proxy setup , intruder , decoder , comparer , extender , sequencer ,collaborater , infiltrator , macros and engagement tools will be covered in depth
module 4 : Appsec tetsting
- Configuration and Deployment Management Testing
- Authentication Testing
- Authorization Testing
- session management & cookies issues
- Remote website issues
- Including & serving issues
- Database issues
- miscellaneous PHP insecurities
- Shared hosting security issues
module 6 : web app corporoate methodologies
- Threat Modelling
- Agile Methodology
- Secure SDLC guidelines
- DevSecOps methodliges
- Vulnerability countermeasures
module 6 : Static code analysis defense
- security of configuration files
- Database security
- Web server security guidelines
- secure code review guidelines
who should attend this training?
-
Freshers
-
Ethical hackers
-
Programmers
-
Security Analyst
-
Security Engineers
-
Bug bounty hunters
-
Security Professionals
why should i take this training?
The era of the technology is now growing every day but due to dependency on the technology cyber frauds and attacks are also increased so to take defense for yourself and your business this is best suitable training to take entry in this domain.
prerequisite of the training ?
The person should familiar with basic computer operations
What is total duration of the training ?
Its an Instructor-led online training and the total duration of the training is 40 hours.
For more info kindly connect with us
Whats Next ?
Checkout the advanced training modules with the given below link.
Testimonials
This is the first time I have attended a class in this format and wondered how effective it would be. It was very effective and therefore I would definitely be interested in attending other classes in the same format. The instructor was very knowlegeable and provided a wealth of information about the current version, especially since the last version I used was several releases ago.
A good place to learn every small detail in cybersecurity.Really nice and helpful teacher.