TOO OFTEN, SECURITY COMES AS AN AFTERTHOUGHT DURING THE APPLICATION DEVELOPMENT PROCESS
A last-minute rush to identify and resolve security issues can have serious consequences, including unexpected costs, delayed release dates, and, crucially, vulnerabilities that go undiscovered.
Building security into the development process is key to avoiding these problems. Our two-day workshops will provide you with a full understanding of best practice when it comes to application development, equipping you with the tools you need to keep your projects secure.
Making security part of your development life cycle
In just two days, our expert consultants will provide you with the knowledge that you need to identify and resolve the most common vulnerabilities that can compromise web applications.
During our bespoke workshops, we’ll teach you how to think like a hacker, taking you through serious vulnerabilities and how they can be exploited. Using real-world examples, we’ll share best practice when it comes to secure development, giving you advice that you can take away and implement immediately.
Speak with our expert team to find out how we can help you ensure the security of your web applications.
Saving costs by factoring security into the development life cycle
Fixing a bug found during the implementation stage costs six times more than fixing one identified in the design process.
[Source: The Systems Science Institute at IBM]
Our expert team has the knowledge and experience to help you detect and defend against today’s most advanced cyber threats.
Whether your organisation is large or small, and no matter which stage of the journey you’re on, we’ll equip you with the tools you need and support you in navigating the evolving cyber landscape.
Our consultants will run through how to identify and resolve common web application vulnerabilities, including:
• The OWASP Top 10 critical web application security risks and the basics of web application security
• The exploitation of common vulnerabilities, including SQL injection, filter bypasses, query chaining and blind exploitation
• How to break and build robust authentication and authorisation mechanisms and session management routines
• How to interact securely with database management systems
• Application mapping, use of automation, and how client-side controls can be bypassed
• The detection and exploitation of cross-site scripting issues and other client-side flaws
• How to uncover common business logic flaws using dynamic analysis and static code analysis, and good practice techniques to address these issues
• Understanding common access controls and flaws, including command injection, code injection, and XML injection