Application security is a critical part of any enterprise security plan. We will cover how to perform a threat assessment through threat modeling and pen testing. This course will teach mitigation and defensive strategies in an application software development lifecycle. The focus will be on how enterprises bake security into their lifecycle by shifting security left, and on the different ways they enhance their security posture across on-premise, cloud, containers, and APIs.
Overview
Syllabus
- Introduction to Enterprise-Wide Application Security
- This is the welcome lesson to Enterprise-Wide Application Security. Here you'll get a quick overview of what we'll cover in the course.
- Designing Security Architecture
- Designing security architecture is the first phase, where you set the teams and architecture. You will learn about DevSecOps, SDLC, and security architecture in this lesson.
- Threat Hunting
- In the threat hunting phase, you will proactively find security issues in the product. You will learn about threat modeling, identifying vulnerabilities, vulnerability scanning, and the pen test roadmap.
- Container Vulnerabilities
- In this lesson, you will scan containers, research container vulnerabilities, and mitigate container vulnerabilities, so that you can better handle the actual deployment and cloud infrastructure.
- API Vulnerabilities
- The API service is what end users will ultimately use. In this lesson, you will identify coding vulnerabilities, mitigate coding vulnerabilities, and learn about monitoring and analytics.
- CryptoV4ULT Enterprise Security Assessment Project
- In this project, you will become the lead security architect for a new startup’s web application and be tasked with identifying vulnerabilities and creating a roadmap for mitigation.
Taught by
Vamsee Kandimalla