Security / Governance, Risk & Compliance

Security testing - methodologies and tools

Advanced hands-on training in application security testing methodologies and tools. The program guides participants through a systematic testing process, from planning to reporting results. Hands-on workshops provide experience in using professional testing tools and techniques. Participants work in a dedicated lab environment where they can safely experiment with various test scenarios. The training emphasizes the practical aspects of testing and interpretation of results.

Issues

OWASP Top 10 and SANS Top 25
Penetration testing of web applications
OSSTMM and PTES methodology
Burp Suite and OWASP ZAP tools
Techniques for detecting vulnerabilities in applications
Security test automation
API security
Testing authentication and authorization
Detection of data leaks
Safe programming practices
Integration of security testing with CI/CD
Risk analysis in the testing process

Benefits

In-depth knowledge of application security testing methodologies.
Practical skills for using vulnerability detection tools.
Ability to identify and classify security threats in information systems.
Ability to create effective testing strategies tailored to different types of applications.
Knowledge of best practices for documenting and reporting test results.
Ability to interpret test results and make corrective recommendations.
Ability to integrate security testing processes into the software development cycle.

Who is this training for?

Security testers

Pentesters starting their careers

Quality assurance engineers

Programmers interested in security testing

IT security specialists

Systems security auditors

DevSecOps Engineers

Prerequisites

Basic knowledge of IT security issues
General knowledge of how web applications work
Experience in testing or programming
Knowledge of the basics of network protocols (HTTP/HTTPS)
Basic ability to read source code

Training program

Security test planning
Types of tests and their application

Testing tools
Vulnerability scanners
Penetration testing tools

Source code analysis

Black box testing

Automatic tests
Fuzzing and stress testing
Reporting and analysis
Vulnerability classification
Analysis of results
Prioritization of risks
Formulating recommendations

Delivery Methods

Online

Convenience of participating from anywhere
Interactive live sessions with trainer
Materials available for 30 days
No travel costs

On-site

Direct contact with trainer and group
Intensive hands-on workshops
Networking with other participants
Full focus on learning

Frequently asked questions

What are the prerequisites for this training?

For Security testing - methodologies and tools we recommend: Basic knowledge of IT security issues; General knowledge of how web applications work; Experience in testing or programming.

What is the format and duration of this training?

The training lasts 2 days and is available in online and on-site format. Sessions run from 9:00 AM to 4:00 PM. We can also customize the schedule to fit your team's needs.

Who is this training designed for?

This training is designed for: Security testers; Pentesters starting their careers; Quality assurance engineers.