What you'll learn:
- Learn core concepts of AppSec and how to apply them to real-world applications
- Learn how to use important frameworks & tools to help create more secure software
- Explore the top 10 OWASP Web Application Risks
- Explore the top 10 OWASP Mobile Application Risks
- Learn about top cloud application security risks and concepts
- Learn about the most efficient application security testing methodologies
- Perform hands-on pentesting with demonstrations
About the course:
Welcome to this Introduction to Application Security! Whether you are looking to lay down a solid foundation for a successful career in AppSec, or whether you're simply wanting to learn how to apply security best practices to your applications, this course is for you.
By learning how to navigate practical resources and frameworks, and by learning how to apply them to real-world applications, you will be well on your way to building more secure software. This course introduces concepts for web, mobile, and cloud apps so that you can gain exposure to all three and identify the specialty that you are most interested in.
In addition, we discuss top risks to defend against, including hands-on demonstrations of how attacks could be carried out against vulnerable applications.
Requirements:
While some basic programming experience is required to follow along, you definitely do not need to be a programming expert. All you really need is a strong desire to learn!
-----------------------
Topics we will cover together:
What AppSec is, including skill requirements for current job opportunities
OWASP resources and the NICE Framework
Critical concepts of AppSec
Threat Modeling concepts and approaches
The current state of web application security based on research and data
OWASP Top 10 Web App Risks
The current state of mobile application security based on research and data
OWASP Top 10 Mobile App Risks
The current state of cloud application security based on research and data
Cloud access control and permissions
Building secure APIs in the cloud
AppSec testing methods and concepts
Pentesting in a safe and legal environment, including example brute force, SQL injection, and XSS attacks
How to handle open-source software with known vulnerabilities
-----------------------
Instructor
My name is Christophe Limpalair, and I have helped thousands of individuals pass IT certifications and learn how to use the cloud for their applications. I got started in IT at the age of 11 and unintentionally fell into the world of cybersecurity.
As I developed a strong interest in programming and cloud computing, my focus for the past few years has been training thousands of individuals in small, medium, and large businesses (including Fortune 500) on how to use cloud providers (such as Amazon Web Services) efficiently.
I've taught certification courses such as the AWS Certified Developer, AWS Certified SysOps Administrator, and AWS Certified DevOps Professional, as well as non-certification courses such as Lambda Deep Dive, Backup Strategies, and others.
Working with individual contributors as well as managers, I realized that most were also facing serious challenges when it came to cybersecurity.
Digging deeper, it became clear that there was a lack of training for Application Security specifically. As we explore in the course with actual research and data, most production applications in the world today contain security flaws that are identified as being in the top 10 risks by OWASP. Those security flaws can potentially be used to exploit organizations as we see in the news on a far too frequent basis.
It's time to take security into our own hands and to learn how to build more secure software in order to help make the world a safer place! Join me in the course, and we'll do just that!
I welcome you on your journey to learning more about Application Security, and I look forward to being your instructor!