Special Notices

NotSoSecure part of claranet cyber security

QA is proud to be an official partner with NotSoSecure.

Overview

In this intermediate hands-on course, delegates will gain an understanding of application security vulnerabilities, including the industry-standard OWASP Top 10 list, and learn strategies to defend against them. Pen testing (security testing) as an activity tends to capture security vulnerabilities at the end of the SDLC, when it is often too late to influence fundamental changes in the way the code is written. This course has been written by developers turned pen testers who can help developers code in a secure manner, since it is critical to introduce security as a quality component into the development cycle.

Throughout this class, developers will get on the same page with security professionals, understand their language, learn how to fix or mitigate the vulnerabilities covered in the class, and get acquainted with some real-world breaches, for example the Equifax breach of September 2017. Various bug bounty case studies from popular websites such as Facebook, Google, Shopify, PayPal and Twitter will be discussed, explaining the financial repercussions of application security vulnerabilities such as SSRF, XXE, SQL injection and authentication issues. The techniques discussed in this class focus mainly on .NET, Java and NodeJS technologies owing to their wide adoption in enterprises building web applications. However, the approach is kept generic, and developers from other language backgrounds can easily grasp the material and apply it within their own environments. Delegates will participate in a CTF challenge where they will have the chance to identify vulnerabilities in code snippets derived from real-world applications.

Target Audience

  • Software/Web Developers
  • PL/SQL Developers
  • Penetration Testers
  • Security Auditors
  • Administrators
  • DBAs and Security Managers

Key Takeaways

  • Understand OWASP Top 10 2017 with practical demonstrations and deeper insight.
  • Understand the financial repercussions of different vulnerabilities.
  • Get on the same page with the security team while discussing vulnerabilities.
  • Identify and fix security vulnerabilities much earlier in the SDLC, saving time and effort.

About the Course Author

Dhruv Shah, Principal Security Consultant and Trainer

Role

Dhruv has been with NotSoSecure since 2017 and has worked on security issues with a broad range of clients, including major banking, finance and media companies. This work involves web and application penetration testing and network assessments. He is also involved in Red Team assessments, appraising system and network vulnerabilities with little or no prior knowledge of them. His trainer work has involved running courses at Black Hat Chicago in 2018 and Black Hat USA in 2019, as well as researching and updating the NotSoSecure Advanced Web Hacking training course.

Background

Dhruv holds a Master’s degree in IT and has seven years’ specialist experience in Information Security. He started off as a trainer, sensitising staff in private sector organisations to security issues and to what hackers look for when they launch attacks on networks. He then moved employers and carried out penetration testing work for Indian government agencies, and later for banking clients in the Middle East. He now has extensive penetration testing experience with Fortune 500 companies, covering web and mobile applications, networks, infrastructure and Red Team work. In his spare time, he co-authored the book “Kali Linux Intrusion and Exploitation” and is an active member and moderator of one of the Null chapters in India.

Passion

From an early age, Dhruv was fascinated by the inner workings of things, taking them apart and finding out how they really worked. This passion led directly to his later work in Information Security. He derives huge professional satisfaction from helping companies make their systems and networks more secure by sharing the results of his penetration testing and providing concrete preventative solutions. By showing them how malicious hackers can exploit flaws and vulnerabilities, he knows he is enabling them to go about their everyday business in the most secure way possible. When not engaged in client work, he maintains his skills and knowledge by carrying out interesting and unusual types of penetration testing and researching new methods to break into applications and systems.

Learning Outcomes

  • Covers industry standards such as the OWASP Top 10 with practical demonstrations of vulnerabilities, complemented by hands-on lab practice.
  • Provides insights into the latest security vulnerabilities (such as host header injection, XML external entity injection, attacks on JWT tokens and deserialization vulnerabilities).
  • Offers thorough guidance on security best practices (an introduction to various security frameworks, tools and techniques for secure application development).
  • Makes real-world analogies for each vulnerability explained (understand and appreciate why Facebook would pay $33,000 for an XML External Entity injection vulnerability).
  • Provides online labs for hands-on practice during the course.

Course Outline

  • Application Security Basics
    • Why do we need Application Security?
    • Understanding OWASP TOP 10 2017
  • Understanding the HTTP Protocol
    • Understanding the HTTP/HTTPS protocol
    • Understanding requests and responses - the attack surface
    • Configuring Burp Suite to intercept HTTP/HTTPS traffic
  • Security Misconfigurations
    • Common misconfigurations in Web Applications
    • Sensitive Information exposure and how to avoid it
    • Using software with known vulnerabilities
  • Insufficient Logging and Monitoring
    • Types of Logging
    • Introduction to F-ELK
  • Authentication Flaws
    • Understanding Anti-Automation Techniques
    • NoSQL Security
    • Understanding WebAuthn – Passwordless Authentication Framework
  • Authorization Bypass Techniques
    • Securing JWT and OAuth
    • Local File Inclusion
    • Mass Assignment Vulnerability
  • Cross-Site Scripting (XSS)
    • Types of XSS
    • Session Hijacking
    • Mitigating XSS
  • Cross-Site Request Forgery (CSRF)
    • Understanding CSRF
    • Mitigating CSRF
  • Server-Side Request Forgery (SSRF)
    • Understanding SSRF
    • Mitigating SSRF
  • SQL Injection
    • Error and Blind SQL Injections
    • Mitigating SQL Injection
    • ORM Framework: HQL Injection
  • XML External Entity (XXE) Attacks
    • Default XML Processors == XXE
    • Mitigating XXE
  • Unrestricted File Uploads
    • Common pitfalls around file upload
    • Mitigating file upload vulnerabilities
  • Deserialization Vulnerabilities
    • What is Serialization?
    • Identifying Deserialization functions and deserialized data
    • Mitigation strategies for deserialization
  • Client-Side Security Concerns
    • Understanding Same Origin Policy
    • Client-Side Security headers and their server configurations
  • Source Code Review
    • What to check for Security in source code
    • CTF: A timed game to spot the flaws in the given Source Code samples
  • DevSecOps
    • DevSecOps - What Why and How?
    • Case Study
