Webové stránky používají k poskytování služeb, personalizaci reklam a analýze návštěvnosti soubory cookie. Informace, jak tyto stránky používáte, jsou sdíleny se společností Google. Používáním souhlasíte s použitím souborů cookie. Více informací.

Rozumím

Kód školení: FT120200

Fortify SAST and DAST for Developers V(ILT)

Fortify SAST and DAST for Developers is a two day training that explores how the Fortify product suite Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans for security vulnerabilities. As a student will learn about the threats to applications, as well as the operation and remediation through the Fortify solution. With 70% hands-on activities you will learn how to utilize the Fortify SCA (Static Code Analyzer) and WebInspect.

Obsah školení

DAY 1 SAST
Module 1: Application Security overview
 Review the OWASP Top 10 2017
 Recognize layers of Securing Data (whitebox and Blackbox testing)
Module 2: Fortify Static Scanning
 Run several different types of scans using Fortify
 Practice memory tuning to optimize scanning
Module 3: Scan Results in Audit Workbench (AWB)
 Identify the findings in the Critical folder
 Apply the appropriate validation method to remediate a given vulnerability in the Critical folder
 Audit and suppress findings
Module 4: Fortify SCA (Static Code Analyzer) Metrics
 Describe the Scanning Process
 Explain the function of each Analyzer
 Recognize how the findings are placed within each risk folder
Module 5: Fortify IDE Plugins
 Configure and scan using the Fortify IDE plugins Visual Studio and Eclipse
Module 6: Analysis Trace and Remediating Vulnerabilities
 Properly read the analysis trace
 Learn how to remediate vulnerabilities


DAY 2 DAST
Module 7: WebInspect (WI) Application Exploits
 Identify characteristics of Web-based application security defects
 Recognize prevalent software attacks
Module 8: Dynamic Scanning with WI
 Produce scans and create macros
 Evaluate then remediate your scan results
Module 9: Mobile Scanning with WI
 Recognize WebInpsect Mobile Templates, Devices and Software
 Recognize the steps for Native Mobile Scanning
Module 10: Web Services and API Scanning
 Describe Web Services (SOAP) scanning capabilities
 Perform a Web services scan
Module 11: Application and Scan Settings
 Review the primary application and default scan setting options in WebInspect

Předpokládané znalosti

To be successful in this course, you should have the following prerequisites or knowledge:
 Basic programming skills (able to read Java, C/C++, or .NET)
 Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)
 Knowledge of Web Application development and security practices

Cena školení

20.800,- Kč bez DPH
25.168,- Kč s DPH

Termíny školení

Momentálně nejsou vypsané žádné termíny kurzu. Napište nám o termín.

Virtuální kurz

Datum Jazyk kurzu Délka kurzu
19. července 2021 Angličtina 2 dny Registrovat

Alternativní termín

Nevyhovuje vám žádný z navrhovaných termínů? Napište nám o vypsání alternativního termínu.

Kontaktujte nás