Applications Security Testing and Hacking

By: Red Security  09-12-2011
Keywords: Security, data protection, Application Security

Intended Audience
Security Officers, Application Testers and Architects

Course Length
1-2 Days

Course Description
This training course is focused on teaching students how to both identify and exploit application vulnerabilities using the same techniques as professional application penetration testers and real-life attackers

Sample Outline
The following is a sample outline that includes the core topics and example sub-modules taught during the class:

  • Assessment Methodologies and Tools
  • Critical Application Security Concepts
  • Performing Application Security Assessments
    • Application Code Inventory
    • Authentication, Authorization & Session Management
    • Encryption, Confidentiality & Data Protection
    • Error/Exception Handling and Logging
    • Data Access
    • XML Web Services
    • Input Validation & Output Encoding
    • Architecture, Platform, and Language Specific Testing Considerations
    • Application & Server Configuration Checks
  • Advanced Assessment Pointers and Tips

Keywords: Application Security, data protection, Professional Application, Security, Session Management,

Other products and services from Red Security


Secure Web Development | Red Security Consulting

Course Description This class is intended to teach application developers and architects the principles of secure application development and best practice defensive coding techniques. Common application vulnerabilities and weaknesses are explained along with techniques for avoiding and/or mitigating the issues. Sample Outline The following is a sample outline that includes the examples of the core topics covered in this class.


Penetration Testing | Red Security Consulting

A penetration test involves the use of automated testing tools as well as manual test methods to review the security from an external or internal perspective. We provide On-site and Off-site penetration testing services, which may include Black-Box, White-Box or Gray-Box approach to the given task. This test simulates a real-world attacker who has to study and learn about the target from public and proprietary sources.


Training | Red Security Consulting

Red Security offers advanced training courses designed to teach techniques for testing application security and building secure applications. This course will allow internal security staff to gain skills and understanding of the processes used during a web application test. All of our courses include live demonstrations and interactive exercises to reinforce the concepts taught during the class.


Services offered by Red Security

Our team can perform configuration and deployment reviews on a wide range of operating systems and devices, to ensure they are configured and deployed in line with industry best standards. We eliminate the need for your company to keep a full time IT around by leasing you our cutting-edge, high-availability VPN access servers for your road warriors and other company needs.