Detail kurzu

Fortify-DAST-WebInspect Dynamic Application Security Testing (DAST) with WebInspect with Exam

EDU Trainings s.r.o.

Popis kurzu

In this training you will learn how WebInspect automates DAST (Dynamic Application Security Testing).
Security professionals and compliance auditors will practice how to efficiently scan Web applications, Web services, and REST API. Then, navigate the scan results to analyze the detected vulnerabilities to secure your applications. This course includes many practical hands-on exercises for the beginner and intermediate WebInspect user. Upon successful completion of this course, you should be able to:

Define how an attacker looks at a web application for exploitation
Define HTTP protocol to search for vulnerabilities
Recognize the functional characteristics and components of WebInspect
Create comprehensive, manual, work-flow driven, REST API and Web services scans
Create Web macros, custom scan policies and reports
Analyze the scan results and investigate vulnerabilities
Utilize the WebInspect’s Application settings, Scan settings and the security toolkit

Obsah kurzu

Module 1: Application Security and OWASP Top 10

Recognize an attackers point of view and exploits
Define OWASP Top 10 and 7 Pernicious Kingdoms
Identify the Software Development Life Cycle (SDLC)

Module 2: WebInspect Components and Concepts

Define the components and features of WebInspect
Be familiar with DAST and its challenges
Recognize the importance of WebInspect Agent

Module 3: Scanning and Macros

Create unauthenticated and authenticated scans
Produce Login and Workflow macros
Utilize pre-scan security tools
Review Scan Performance and Errors

Module 4: Mobile Scanning

Define OWASP Top 10 for mobile
Apprehend scanning Mobile APIs

Module 5: HTTP for Security Testers

Identify operational and syntactical characteristics of HTTP
Distinguish 4 types of HTTP Data and explain each method of testing

Module 6: Scan Results

Recognize the elements of the scan results page
Navigate the scan results page
Remediate vulnerabilities
Retrieve log files

Module 7: Managing Scan Policies

Understand the Compliance and Policy Manager
Utilize the default and custom scan policies

Module 8: Reports

Recognize WebInspect’s default Reports
Creating Custom Reports

Module 9: Web Services and REST API Scanning

Create a Web Services Scan
Create a REST API Scan

Module 10: Application and Default Scan Settings

Recognize the different settings for WebInspect and WebInspect Scans

Module 11: Security Toolkit

Identify WebInspect’s standard and restricted tools

Cílová skupina

This course is intended for those whose primary responsibilities include:

Evaluating your organization’s application security posture, quality, and compliance
Application development and dynamic testing
Quality Assurance (QA) testing
Certifikát Na dotaz.
Hodnocení




Organizátor



Další termíny kurzu
Termín Cena Místo konání Zarezervovat