Prochaines sessions
Programme
1er jour : Introduction à la recherche de vulnérabilité dans les applications Web et Mobile
- Introduction to the Web Application Vulnerability Assessment
- Type: Labs
- Audience: Everyone that have already developed web applications
- Technology: Web technologies
- Objective: The objective of this training is to allow the students to discover the offensive side of the Application Security about Web Application and practice it during a lab
- During this training, the students will discover:
- What is a Web Application Vulnerability Assessment?
- The different steps of this kind of assessment
- The methodology used to rate the security issues
- The open referential that can be used to conduct an assessment
- Introduction to the Mobile Application Vulnerability Assessment
- Type: Labs
- Audience: Everyone that have already developed mobile applications
- Technology: Mobile technologies
- Objective: The objective of this training is to allow the students to discover the offensive side of the Application Security about Mobile Application and practice it during a lab
- During this training, the students will discover:
- What is a Mobile Application Vulnerability Assessment?
- The different steps of this kind of assessment
- The methodology used to rate the security issues
- The open referential that can be used to conduct an assessment
2ème jour : Introduction à la sécurité dans le développement avec les notions théoriques
- Démonstration des vulnérabilités les plus communes et des méthodes de défense pour s’en prémunir
- Introduction to Secure Coding
- Type: Theoretical
- Audience: Everyone
- Technology: Independent
- Objective: The objective of this training is to introduce the students to the defensive side of the Application Security
- During this training, the students will discover:
- What is the Application Security?
- Why the security of an application is important for is life in the company information system?
- Principles of Secure Coding
- Common security error meet during development and how to prevent them
- Practical demonstrations of common vulnerabilities
- Type: Demonstration
- Audience: All developers
- Technology: Independent
- Objective: The objective of this training is to present to the students different kinds of application vulnerabilities
- During this training, the students will discover:
- Different kind of vulnerabilities that are commonly present in applications
- How to detect them
- How to validate them
- How to fix them
Mise en pratique des cours théoriques à travers l’implémentation de la sécurité dans un projet vulnérable
- Secure coding labs
- Type: Labs
- Audience: Developers with current competencies in the session development language
- Technology: JAVA or .NET – Single technology by session
- Objective: The objective of this training is to allow the students to manipulate the secure coding concepts and vulnerabilities seen during the trainings “Introduction to Secure Coding” and “Practical demonstrations of common vulnerabilities”
- During this training, the students will discover:
- How to identify the kind of attacks to which the application’s business features are exposed
- Derivate counter-measures from attacks identified
- Implements counter-measures using the target technology build-in features or custom code depending on the attack and the technology capacities
