Training Type
Language
Filtered By:
TST 101

Fundamentals of Security Testing

This course introduces security testing concepts that help students analyze an application from a security perspective.

E-Learning English
TST 191

Fundamentals of Security Testing for IoT Embedded Systems

This course provides additional security testing training of particular importance to IoT embedded software engineers.

E-Learning English
TST 221

Testing for OWASP 2017 Series

Equally important to understanding what makes the OWASP Top Ten list every three years is understanding how to test for these critical vulnerabilities and keep them out of your applications. By reducing your risk of exposure to the OWASP Top Ten, you help safeguard against compromise. Additionally, testing for these flaws is a requirement of the Payment Card Industry Standards (PCI-DSS) as well as other regulatory bodies. This course explains how these flaws occur and provides testing strategies to identify the flows in web applications.

E-Learning English
NEW
TST 222

Testing for OWASP 2017: Injection

This course explains how testers and developers can determine if their web applications are vulnerable to the A1:2017 family of injection security vulnerabilities identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against these vulnerabilities. In this course, you will learn how to test your application against injection, and you will learn how to protect your applications against injection.

E-Learning English
NEW
TST 223

Testing for OWASP 2017: Broken Authentication

This course explains how testers and developers can determine if their web applications are vulnerable to the A2:2017 security vulnerability, broken authentication, identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application against broken authentication, and you will learn how to protect your applications against broken authentication.

E-Learning English
NEW
TST 224

Testing for OWASP 2017: Sensitive Data Exposure

This course explains how testers and developers can determine if their web applications are vulnerable to the A3:2017 security vulnerability, sensitive data exposure, identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application against sensitive data exposure, and you will learn how to protect your applications against sensitive data exposure

E-Learning English
NEW
TST 225

Testing for OWASP 2017: XML External Entities

This course explains how testers and developers can determine if their web applications are vulnerable to the A4:2017 security vulnerability, XML external entities, identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application against XML external entities, and you will learn how to protect your applications against XML external entities.

E-Learning English
NEW
TST 226

Testing for OWASP 2017: Broken Access Control

The Open Web Application Security Project (OWASP) Top 10 lists the most serious and prevalent security vulnerabilities identified for Web applications. This course explains the second vulnerability identified in the OWASP Top 10, Broken Access Control, and the mitigations you can use to reduce the risk to your application. After completing this course, you will be able to determine if a Web application is vulnerable to Broken Access Control, and explain how to protect the application against this security.

E-Learning English
NEW
TST 227

Testing for OWASP 2017: Security Misconfiguration

This course explains how testers and developers can determine if their web applications are vulnerable to the A6:2017 vulnerability, security misconfiguration, identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application for security misconfiguration,and you will learn how to protect your application against security misconfiguration.

E-Learning English
NEW
TST 228

Testing for OWASP 2017: Cross Site Scripting

The Open Web Application Security Project (OWASP) Top 10 lists the most serious and prevalent security vulnerabilities identified for Web applications. This course explains the seventh vulnerability identified in the OWASP Top 10, Cross-Site Scripting (XSS), and the mitigations you can use to reduce the risk to your application. After completing this course, you will be able to determine if a Web application is vulnerable to Cross-Site Scripting vulnerabilities, and explain how to protect the application.

E-Learning English
NEW
TST 229

Testing for OWASP 2017: Insecure Deserialization

This course explains how testers and developers can determine if their web applications are vulnerable to the A8:2017 Insecure Deserialization vulnerability identified by the Open Web Application Security Project (OWASP).It also explains how to protect web applications against this vulnerability.In this course, you will learn how to test your application for insecure deserialization and you will learn how to protect your application against insecure deserialization.

E-Learning English
NEW
TST 230

Testing for OWASP 2017: Use of Components with Known Vulnerabilities

This course explains how testers and developers can determine if their web applications are vulnerable to the A9:2017 security vulnerability, Using Components with Known Vulnerabilities, identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application for using components with known vulnerabilities and you will learn how to protect your application against using components with known vulnerabilities.

E-Learning English
NEW
TST 231

Testing for OWASP 2017: Insufficient Logging and Monitoring

This course explains how testers and developers can determine if their web applications are vulnerable to the A10:2017 Insufficient Logging and Monitoring vulnerability identified by the Open Web Application Security Project (OWASP). It also explains how to protect web applications against this vulnerability. In this course, you will learn how to test your application for insufficient logging and monitoring, and you will learn how to protect your application against insufficient logging and monitoring.

E-Learning English
NEW
TST 250

(Coming Soon) Testing for CWE SANS Top 25 Software Errors Series

​In this series, you will learn how to identify and mitigate each of the CWE's 25 Most Dangerous Software Errors. Coverage includes techniques for spotting common security issues through code review and testing. Secure coding best practices are included for each security defect, as well as descriptions of technology specific weaknesses.The course includes Knowledge Checks, Module Summaries, and information about additional online resources.

E-Learning English
TST 251

(Coming Soon) Testing for SQL Injection

In this course, you will learn how to identify and mitigate CWE-89: Improper Neutralization of Special Elements used in an SQL Command (SQL Injection). Coverage includes techniques for spotting SQL Injection through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 252

(Coming Soon) Testing for OS Command Injection

In this course, you will learn how to identify and mitigate CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection). Coverage includes techniques for spotting OS Command Injection through code review testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications,the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 253

(Coming Soon) Testing for Classic Buffer Overflow

In this course, you will learn how to identify and mitigate CWE-120: Buffer Copy without Checking Size of Input. Coverage includes techniques for spotting Classic Buffer Overflow through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 254

(Coming Soon) Testing for Cross-site Scripting

In this course, you will learn how to identify and mitigate CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’), or XSS. Coverage includes techniques for spotting Cross-site Scripting through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 255

(Coming Soon) Testing for Missing Authentication for Critical Function

In this course, you will learn how to identify and mitigate CWE-306: Missing Authentication for Critical Function. Coverage includes techniques for spotting the Missing Authentication vulnerability through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 256

(Coming Soon) Testing for Missing Authorization

In this course, you will learn how to identify and mitigate CWE-862: Missing Authorization. Coverage includes techniques for spotting Missing Authorization through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 257

(Coming Soon) Testing for Use of Hard-Coded Credentials

In this course, you will learn how to identify and mitigate CWE-798: Use of Hard- coded Credentials. Coverage includes techniques for spotting Hard-coded credential weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform-specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 258

(Coming Soon) Testing for Missing Encryption of Sensitive Data

In this course, you will learn how to identify and mitigate CWE-311: Missing Encryption of Sensitive Data. Coverage includes techniques for spotting Missing Encryptions through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 259

(Coming Soon) Testing for Unrestricted Upload of File with Dangerous Type

In this course, you will learn how to identify and mitigate CWE-434: Unrestricted Upload of File with Dangerous Type. Coverage includes techniques for spotting Unrestricted Upload vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform-specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 260

(Coming Soon) Testing for Reliance on Untrusted Inputs in a Security Decision

In this course, you will learn how to identify and mitigate CWE-807: Testing for Reliance on Untrusted Inputs in a Security Decision. Coverage includes techniques for spotting Reliance on Untrusted Inputs vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 261

(Coming Soon) Testing for Execution with Unnecessary Privileges

In this course, you will learn how to identify and mitigate CWE-250: Testing for Execution with Unnecessary Privileges. Coverage includes techniques for spotting Execution with Unnecessary Privileges vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 262

(Coming Soon) Testing for Cross Site Request Forgery

In this course, you will learn how to identify and mitigate CWE-352: Cross-site Request Forgery (CSRF). Coverage includes techniques for spotting CSRF vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 263

(Coming Soon) Testing for Path Traversal

In this course, you will learn how to identify and mitigate CWE-22: Testing for Path Traversal. Coverage includes techniques for spotting Path Traversal weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform-specific weaknesses as appropriate.

E-Learning English
TST 264

(Coming Soon) Testing for Download of Code without integrity Check

In this course, you will learn how to identify and mitigate CWE-494: Testing for Download of Code without Integrity Check. Coverage includes techniques for spotting weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 265

(Coming Soon) Testing for Incorrect Authorization

In this course, you will learn how to identify and mitigate CWE-863: Incorrect Authorization. Coverage includes techniques for spotting Incorrect Authorization vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 266

(Coming Soon) Testing for Inclusion of Functionality from Untrusted Control Sphere

In this course, you will learn how to identify and mitigate CWE-829: Inclusion of Functionality from Untrusted Control Sphere. Coverage includes techniques for spotting CWE-829 weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 267

(Coming Soon) Testing for Incorrect Permission Assignment for Critical Resource

In this course, you will learn how to identify and mitigate CWE-732: Testing for Incorrect Permission Assignment for Critical Resource. Coverage includes techniques for spotting CWE-732 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform-specific weaknesses as appropriate.

E-Learning English
TST 268

(Coming Soon) Testing for Use of a Potentially Dangerous Function

In this course, you will learn how to identify and mitigate CWE-676: Testing for Use of a Potentially Dangerous Function. Coverage includes techniques for spotting CWE- 676 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 269

(Coming Soon) Testing for Use of a Broken or Risky Cryptographic Algorithm

In this course, you will learn how to identify and mitigate CWE-327: Testing for Use of a Broken or Risky Cryptographic Algorithm. Coverage includes techniques for spotting CWE-327 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 270

(Coming Soon) Testing for Incorrect Calculation of Buffer Size

In this course, you will learn how to identify and mitigate CWE-131: Testing for Incorrect Calculation of Buffer Size. Coverage includes techniques for spotting CWE-131 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate. This course requires basic knowledge of client-server applications, web applications, the Software Development Life Cycle, cryptography, and the STRIDE model. Upon completion of this course, you will be able to identify CWE-131 vulnerabilities, recognize its potential impact, apply coding best practices to avoid it, find CWE-131 vulnerabilities in your application’s source code, and test your application to detect it.

E-Learning English
TST 271

(Coming Soon) Testing for Improper Restriction of Excessive Authentication Attempts

In this course, you will learn how to identify and mitigate CWE-307: Testing for Improper Restriction of Excessive Authentication Attempts. Coverage includes techniques for spotting CWE-307 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 272

(Coming Soon) Testing for Open Redirect

In this course, you will learn how to identify and mitigate CWE-601: Open Redirect. Coverage includes techniques for spotting CWE-601 vulnerabilities through codereview and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.This course requires basic knowledge of client-server applications, web applications,the Software Development Life Cycle, cryptography, and the STRIDE model.

E-Learning English
TST 273

(Coming Soon) Testing for Uncontrolled Format String

In this course, you will learn how to identify and mitigate CWE-134: Testing for Uncontrolled Format String. Coverage includes techniques for spotting CWE-134 vulnerabilities through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 274

(Coming Soon) Testing for Integer Overflow or Wraparound

In this course, you will learn how to identify and mitigate CWE-190: Testing for Integer Overflow or Wraparound. Coverage includes techniques for spotting weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 275

(Coming Soon) Testing for Use of a One-Way Hash without a Salt

In this course, you will learn how to identify and mitigate CWE-759: Testing for Use of a One-Way Hash without a Salt. Coverage includes techniques for spotting weaknesses through code review and testing. Secure coding best practices are included, as well as descriptions of technology and platform- specific weaknesses as appropriate.

E-Learning English
TST 291

Classes of Security Defects - IoT Embedded Systems

This course provides additional training on Classes of Security Defects pertaining to IoT embedded software engineers.

E-Learning English
TST 411

Exploiting Buffer Overflows

This course provides students with the required information to help understand and mitigate buffer overflow exploits.

E-Learning English Multi-Language
TST 491

IoT Advanced Embedded Software Security Testing

This course module provides additional Software Security Testing of particular importance to IoT embedded software engineers.

E-Learning English
TST 901

Advanced Web Application Security Testing

This Instructor-Led course examines many important web vulnerabilities like HTML5 attacks, business logic attacks, web services attacks, and AJAX/JSON specific vulnerabilities and issues.

Live Training English
Sorry, there are no courses that meet these specifications.