Your course
The future of secure software is in your hands. Join this extremely informative 2-day course to bring your application security skills up to the industry standard and widen your career prospects. Get significant hands-on experience with our popular virtual labs and learn from industry experts, practicing penetration testers with a legacy of training at Black Hat. You’ll learn how to find and fix vulnerabilities in code, enhance the security culture within your dev team, apply DevSecOps thinking day to day, and more...
Who it’s for
- Software developers (beginner to advanced)
- Development team leads
This course is suitable for software developers and development teams who want to build and maintain secure software. The syllabus considers different application development strategies, from preserving legacy applications to developing new products.
Top 3 takeaways
- Practical application security skills and knowledge to use daily
- Techniques and tools to help you code securely by second nature
- DevSecOps awareness to help you transform your dev practices from the ground up
What you’ll learn
This course uses a Defense by Offense methodology based on real world offensive research (not theory). That means everything we teach has been tried and tested on live environments and in our labs, so you can put it into practice as soon as the training is over. By the end of the course, you’ll know:
- Everything you need to about application security vulnerabilities, including why they occur, how they impact your applications, and what risk they pose to the wider organization
- The principles of application security and Secure by Design thinking
- How to develop secure applications, from writing secure code to building and governing secure processes
- How to find and fix vulnerabilities in existing application code
- How to build and maintain a culture of security across the team using secure practices and tools
What you’ll be doing
You’ll be learning hands on:
- Hacking insecure code to see what vulnerabilities look like in your applications
- Fixing these vulnerabilities so you can secure your own applications
- Discussing the functionality requirements of secure application development so you can design security into everything
- Applying real world case studies to your development thinking
- Competing in a timed, fast-paced Capture the Flag (CTF) game to test your new skills
Why it’s relevant
Have you ever developed an application without testing the code for vulnerabilities or shipped software with known security flaws? Software has become a frontline target for cybercriminals who want to disable, disrupt, and destroy systems and harm individuals. And some of the most newsworthy hacks in recent years – including credit reporting agency Equifax, telecommunications giants T-Mobile and Optus, and even the Shanghai Police – have been the result of vulnerabilities in application code. From customer data being stolen, to entire organizations going offline, secure code matters.
There are other reasons to develop your ability too. As security becomes more embedded in the way we work, employers are increasingly looking for development specialists who can demonstrate technical application security skills all the way up to CTO level. Secure coding proficiency directly correlates with your growth and career progression and can lead you into new areas.
This course is packed full of exercises and topics relevant to the current threat landscape and the latest industry-standard development systems and processes. Our syllabuses are also revised regularly to reflect the latest in-the-wild hacks and whatever proof of concepts we’ve been developing through our own research. Because they remain so up to date with the threat landscape and security industry standard, many delegates return every 1-2 years to update their skills and get a refresh.
