Training Security testing – methodologies and tools

Practical information about training

Training description

Advanced hands-on training in application security testing methodologies and tools. The program guides participants through a systematic testing process, from planning to reporting results. Hands-on workshops provide experience in using professional testing tools and techniques. Participants work in a dedicated lab environment where they can safely experiment with various test scenarios. The training emphasizes the practical aspects of testing and interpretation of results.

Participant profile

  • Security testers
  • Pentesters starting their careers
  • Quality assurance engineers
  • Programmers interested in security testing
  • IT security specialists
  • Systems security auditors
  • DevSecOps Engineers

Agenda

  1. Security testing basics
    • Testing methodologies and standards
    • Security test planning
    • Types of tests and their application
    • Test documentation
  2. Testing tools
    • Vulnerability scanners
    • Penetration testing tools
    • Internet proxies
    • Source code analysis
  3. Testing techniques
    • Black box testing
    • White box testing
    • Automatic tests
    • Fuzzing and stress testing
  4. Reporting and analysis
    • Vulnerability classification
    • Analysis of results
    • Prioritization of risks
    • Formulating recommendations

Benefits

  • In-depth knowledge of application security testing methodologies.
  • Practical skills for using vulnerability detection tools.
  • Ability to identify and classify security threats in information systems.
  • Ability to create effective testing strategies tailored to different types of applications.
  • Knowledge of best practices for documenting and reporting test results.
  • Ability to interpret test results and make corrective recommendations.
  • Ability to integrate security testing processes into the software development cycle.

Required preparation of participants

  • Basic knowledge of IT security issues
  • General knowledge of how web applications work
  • Experience in testing or programming
  • Knowledge of the basics of network protocols (HTTP/HTTPS)
  • Basic ability to read source code

Issues

  • OWASP Top 10 and SANS Top 25
  • Penetration testing of web applications
  • OSSTMM and PTES methodology
  • Burp Suite and OWASP ZAP tools
  • Techniques for detecting vulnerabilities in applications
  • Security test automation
  • API security
  • Testing authentication and authorization
  • Detection of data leaks
  • Safe programming practices
  • Integration of security testing with CI/CD
  • Risk analysis in the testing process

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.pl
31 Ząbkowska Street
03-736 Warsaw

Forms of training delivery

Stationary training

  • Training at the customer's premises or at a designated location
  • Training room equipped with the necessary equipment
  • Training materials in electronic form
  • Coffee breaks and lunch
  • Direct interaction with the trainer
  • Networking in a group
  • Workshop exercises in teams

Remote training

  • Virtual training environment
  • Electronic materials
  • Interactive online exercises
  • Breakout rooms for group work
  • Technical support during the training
  • Recordings of the session (optional)

Possibility of funding

The training can be financed with public funds under:

  • National Training Fund (KFS)
  • Development Services Base (BUR)
  • EU projects implemented by PARP
  • HR Academy Program (PARP)
  • Regional operational programs

If you are interested in funding, our team will help you prepare the required documentation.

HAVE A QUESTION?

+48 22 487 84 90

biuro@eitt.pl

Contact us for more information about our training, programs and cooperation. We will be happy to answer all your inquiries!

?
?
I have read and accept the privacy policy. *

They trusted us

MAN Truck & Bus Polska Sp. z o.o.
mBank S.A.
AGORA S.A.
Amway Poland
Aptitude
Atende S.A.
Atos Poland S.A.
Becton Dickinson Polska sp. z o. o.
Berner Polska Sp. z o.o.
Credit Information Bureau S.A.
BNP Paribas Polska S.A.
Bridgestone Europe S.A.
Capgemini
CEDC International Sp. z o.o.
Comtegra S.A.
ENERGA Information and Technology
General Directorate of National Roads and Highways.
ING Bank Śląski S.A.
Kredyt Inkaso S.A.
KPMG Ltd.
Leroy Merlin Polska Sp. z o.o.
SII Ltd.
Sopra Steria Polska Sp. z o.o.
Polska Wytwórnia Papierów Wartościowych S.A.
See more

Get to know our company

Who we are

We create
dedicated workshops

Team

A team of experienced
expert practitioners

Accreditations

We focus on the highest quality
training services

Do you have any questions?
Feel free to contact us.

Justyna Kalbarczyk
+48 516 098 221
justyna.kalbarczyk@eitt.pl
31 Ząbkowska Street
03-736 Warsaw

FAQ - Frequently Asked Questions

We offer training in a variety of tailored formats: onsite (at the client's location or our training center), live online interactive with a trainer, and in a hybrid format. Detailed information about the available delivery forms for a specific training is always included in its description on the website.
Open online trainings usually take place from 9:00 - 17:00 Polish time. In the case of closed trainings dedicated to companies, the schedule is flexible and we arrange it individually with the client to best fit the needs of the organization.
We use proven and popular video conferencing platforms, such as Microsoft Teams and Zoom, to conduct interactive online training. They provide seamless communication, the ability to work in groups and direct contact with the trainer. We provide information about the platform used in a specific training to participants before the training begins.
To comfortably participate in the online training, all you need is a standard computer (desktop or laptop) with stable internet access and an up-to-date version of a web browser installed. We recommend using headphones with a microphone for better sound quality and communication, although this is not absolutely required. Having a webcam is usually not mandatory either.
Yes, each participant receives a set of training materials prepared by our experts. We usually provide them in electronic form (e.g., PDF files) a few days before the start of the training, after confirmation of participation and payment.
Upon successful completion of most of our training courses, participants receive a named EITT Certificate of Completion, confirming the competencies gained. In addition, we offer accredited training courses (e.g., ITIL®, PRINCE2®) that prepare for official internationally recognized certification exams. Information about the type of certificate available after a specific training is always included in the detailed description of the training.
The enrollment process depends on the type of training. For open trainings (open to anyone who is interested), you can sign up directly through the application form available on the page of the particular training. If you are interested in closed training (dedicated to employees of one company), please contact us directly by email or phone - we will prepare an offer tailored to your needs.
As standard, the price of the training includes: participation in classes taught by an experienced trainer-practitioner, a set of original training materials in electronic form, and a named EITT Certificate of Completion. For accredited training courses, the price often also includes the cost of taking the official certification exam. The detailed scope of benefits for a given course is always given in its description.
The preferred form of payment for our training courses is by bank transfer, executed on the basis of an issued pro forma invoice or VAT invoice. Detailed information on payment terms and conditions is provided in the process of confirming the enrollment in the training or can be found in the regulations.
Of course! Our specialty is closed-door training, designed "tailor-made" - according to the individual needs and business objectives of a given organization. If you are interested in a topic outside of our regular offerings or would like to modify the program of an existing course, feel free to contact us. We will be happy to prepare a dedicated solution.
We are flexible and adapt to the client's needs. We can organize closed trainings even for small groups - usually the minimum number of participants is 4 people, and the cost is often calculated for the whole group. Taking care of the highest quality and comfort of learning, in case of very large groups (more than 40 people) we usually recommend dividing into smaller teams to ensure effective interaction.
Your feedback is extremely important to us, as it allows us to continuously improve our offerings. After each training session, we send participants a link to a short online evaluation survey. You can also always contact us directly by email or phone to provide your comments.
  1. One-pager invitation with deadlines
  2. Project kick-off
  3. Strategic leadership and thinking
  4. Communication and Cooperation. Conflict management
  5. Motivating, engaging and difficult decisions in business
  6. Managing Change and Innovation. Leadership in crisis
  7. Building the organization of the future
  8. Best practices workshop - retrospective; creating a coherent program for middle and lower management levels