Szkolenia Micro Focus

Cel szkolenia szkolenie zdalne - dlearning

kod: FTSCAV250-180 | wersja: 18.0

This course provides participants with demonstrations and hands-on activities using a practical, solutions-based approach to identify and mitigate today’s most common business security risks to applications.  As a students, you will learn to scan, assess and secure applications using the Fortify Static Code Analyzer (SCA) and Software Security Center (SSC). This course includes hands-on activities to:

  • Identify security vulnerabilities within Fortify SCA
  • Exploit vulnerabilities in a sample application
  • Remediate security vulnerabilities, including the OWASP Top 10
  • Update and edit Rulepacks
  • Manage applications’ security issues with Fortify SSC

Upon successful completion of this course, you should be able to:

  • Scan applications thoroughly and correctly in Fortify
  • Assess raw scan results to create a prioritized list of high-impact security findings
  • Correctly and efficiently remediate validated security findings
  • Manage security goals to ensure good progress
  • Integrate Fortify products with current SDLC best practices

Audience/Job Roles

This course is intended for application developers who are new to or have been using the Fortify SCA and/or SSC to develop secure applications. It is also useful for development managers, security-focused QA testers, and security experts.

 

Plan szkolenia Rozwiń listę

  1. Introduction to Application Security
    • Introduction to securing your applications
  2. OWASP Top 10 Vulnerabilities & Hands-On Hacking
    • Recognize the OWASP Top 10 vulnerabilities
  3. Introduction to Remediation
    • Perform a basic Threat Model and Risk Assessment
  4. Introduction to Fortify Administration
    • Installing Fortify
    • Recognize how Fortify scans
  5. Audit Workbench (AWB) Scan Results
    • Navigate Audit Workbench
  6. Fortify SCA (Static Code Analyzer)
    • Describe the Scanning Process
    • Explain the function of each Analyzer
  7. Plugins (Eclipse and Visual Studio)
    • Install and use the plugins Visual Studio and Eclipse
  8. Data Validation
    • Select the right data validation for a particular situation
    • Extend data validation libraries
  9. Analysis Trace and Remediating Vulnerabilities
    • Read the analysis trace
    • Remediate vulnerabilities
  10. Custom Rules
    • Build a rule
  11. Fortify SSC (Software Security Center)
    • Use the SSC to manage your applications
    • Run reports
Pobierz konspekt szkolenia w formacie PDF

Dodatkowe informacje

Wymagania wstępne

To be successful in this course, you should have the following prerequisites or knowledge:

  • Basic programming skills (able to read Java, C/C++, or .NET)
  • Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)
  • Knowledge of Web and Application development practices 
  • Experience developing and/or managing software development for security 
  • Have an understanding of your organization’s compliance requirements
Poziom trudności
Czas trwania 3 dni
Certyfikat

The participants will obtain certificates signed by Micro Focus (course completion). 

This course prepares you also for such related Micro Focus certification exam: CSE Fortify SCA/SSC Practical Exam 

Prowadzący

Authorized Micro Focus Trainer.

Pozostałe szkolenia Micro Focus | Fortify

Szkolenia powiązane tematycznie

Bezpieczeństwo IT

Formularz kontaktowy

Prosimy o wypełnienie poniższego formularza, jeśli chcą Państwo uzyskać więcej informacji o powyższym szkoleniu.






* pola oznaczone (*) są wymagane

Informacje o przetwarzaniu danych przez Compendium – Centrum Edukacyjne Spółka z o.o.

CENA SZKOLENIA OD 5040 PLN NETTO

Najbliższe szkolenia Micro Focus

Harmonogram szkoleń Micro Focus