Application Security Fundamentals - Including Hands On Demos
Published 7/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.87 GB | Duration: 4h 18m
Learn about the basics of application security and tricks to find a job in application security
What you'll learn
Learn about application security
Learn about various security activities in each phase of Secure SDLC
Learn about finding a job in application security
Learn about certifications that can help you to find a job in application security
Learn about OWASP TOP 10 with practical explanation and real life examples
Learn about Burp Suite
Learn about setting up a vulnerable application on local system
Learn about Pen Test Engineer
Requirements
No experience required, as this course will teach all the security fundamentals
Description
Who shall take this course?
This "Application Security Fundamentals - Including Hands On Demo" course is designed for beginners looking to switch to application security. It will also help SOC engineers, DevOps engineers, SREs, QA professionals and freshers looking to find a job in the field of application security. This course will teach you about various job roles in application security and the technical requirements for each job role. It will explain the difference between application security and infrastructure security.
This course is for:
Developers
DevOps
Security Engineers
Aspiring professionals in the security domain
Quality Assurance Engineers
InfoSec/AppSec Professionals
Why purchase this course?
This is the only practical hands-on application security course available on the internet till now.
Application security enables secure application development with agility; at the same time it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security at each phase of software development.
Also, we have included practical examples to learn about the basic building blocks of application security.
By the end of the course, you will be able to successfully explain the various job roles in application security and the technical expertise required for a job role, and choose the best career option for you.
No action is required before taking this course. For any questions or concerns, please post your comments in the discussions tab.
Disclaimer: English subtitles are auto-generated, so please ignore any grammar mistakes.
Overview
Section 1: Introduction and Agenda
Lecture 1 Introduction And Course Agenda
Section 2: Basics of Application Security
Lecture 2 SDLC vs Secure SDLC
Lecture 3 Security Activities at each phase in Secure SDLC
Lecture 4 Security Job Roles to perform security activities at each phase in Secure SDLC
Lecture 5 Find security jobs on job hunting platforms in application security
Lecture 6 Technical Requirements and Expertise for a job of Sr Security Engineer
Lecture 7 Technical Requirements and Expertise for a job of DevSecOps Engineer
Lecture 8 Technical Requirements and Expertise for a job of VA/PT Engineer
Lecture 9 Technical Requirements and Expertise for a job of Pen Test Engineer
Lecture 10 Common Technical Requirements and Expertise for Security Job Roles
Lecture 11 Basic Security Terms in Application Security
Lecture 12 What is CWE & CVE & CVSS?
Section 3: Lab Environment Setup for learning basic security requirements i.e. OWASP TOP 10
Lecture 13 Hands On: Install NodeJs for OWASP Juice Shop - First Step
Lecture 14 Hands On: Install OWASP Juice Shop on local System - Part 2
Lecture 15 Hands On: Install Burp Suite on Local System
Lecture 16 Hands On: Configure Burp Suite with Chrome Browser
Section 4: Hands On with Basics : Deep Dive in OWASP TOP 10
Lecture 17 A01:2021-Broken Access Control
Lecture 18 A02:2021-Cryptographic Failures
Lecture 19 A03:2021-Injection
Lecture 20 A04:2021-Insecure Design
Lecture 21 A05:2021-Security Misconfiguration
Lecture 22 A06:2021-Vulnerable and Outdated Components
Lecture 23 A07:2021-Identification and Authentication Failures
Lecture 24 A08:2021-Software and Data Integrity Failures
Lecture 25 A09:2021-Security Logging and Monitoring Failures
Lecture 26 A10:2021-Server-Side Request Forgery
Section 5: Learn Security Architecture and Review with Threat Modeling in App Security
Lecture 27 What is Security Architecture & Design Review (SAR)?
Lecture 28 4 Step Process to perform Security Architecture & Design Review in Real Life
Lecture 29 Hands On: Create an account with IriusRisk
Lecture 30 Hands On: Create a Data Flow Diagram with IriusRisk
Lecture 31 Hands On: Perform Threat Modeling and Generate Reports using IriusRisk
Section 6: Learn DevSecOps in Application Security with Example
Lecture 32 What is DevSecOps?
Lecture 33 Tools used for DevSecOps Implementation in the market - Detailed discussion
Lecture 34 Case Study: Understanding Project Requirements before workflow implementation
Lecture 35 Hands On: Write code changes to integrate SAST, SCA & DAST in DevSecOps Pipeline
Lecture 36 Hands On: Execute End to End GitLab DevSecOps Pipeline and review logs
Section 7: Next Steps
Lecture 37 Bonus Lecture
Beginners interested to learn and find a job in application security