Szkolenia Micro Focus

Cel szkolenia

kod: FT01IT-42 | wersja: 4.2

Learn how to integrate Fortify with IDE Plugins (Microsoft Visual Studio and Eclipse), part of the Fortify product suite, into your software development processes to help you achieve application security.

This training will help you recognize how websites get attacked as well as the OWASP Top 10 vulnerabilities to websites, so you can understand cyber-attacks and their impact on applications. Then, you will learn, through the Fortify plugins (Microsoft Visual Studio and Eclipse), how to scan, analyze, and fix vulnerabilities in your application code to build secure applications

Upon successful completion of this course, you should be able to: 

  • Define and manage application security and its goals to ensure good progresses
  • Recognize how applications get attacks including the OWASP Top 10
  • Correctly and efficiently remediate validated security findings
  • Scan applications thoroughly and correctly
  • Audit scan results to create a prioritized list of high-impact security findings

Audience/Job Roles

Application Developers using the Fortify Plugins (Microsoft Visual Studio, Eclipse).

Plan szkolenia Rozwiń listę

  1. Introduction               
    • Introduction
    • Objectives
    • Recommended Developer Skill Set
    • Fortify for Developers Using Plugins Roadmap
    • Certification Paths
    • Summary
    • Assessment
  2. Application Security
    • Introduction
    • Objectives
    • Fortify for Developers Using Plugins Roadmap
    • Introduction to Application Security
    • Application Security in Relation to Computer Security
    • Types of Application Security
    • Getting Around Security
    • Challenges to Online Security
    • Challenges to Websites Today
    • Challenges to Automated Systems
    • Insecure Code
    • SQL Injection Attack Shuts Down Business
    • Secure Code
    • Summary
    • Assessment
  3. OWASP Top 10 Vulnerabilities            
    • Introduction
    • Objectives
    • Fortify for Developers Using Plugins Roadmap
    • Introduction to OWASP
    • OWASP Top 10 Vulnerabilities A1
    • OWASP Top 10 Vulnerabilities A2
    • OWASP Top 10 Vulnerabilities A3
    • OWASP Top 10 Vulnerabilities A4
    • OWASP Top 10 Vulnerabilities A5
    • OWASP Top 10 Vulnerabilities A6
    • OWASP Top 10 Vulnerabilities A7
    • OWASP Top 10 Vulnerabilities A8
    • OWASP Top 10 Vulnerabilities A9
    • OWASP Top 10 Vulnerabilities A10
    • OWASP Tools
    • Hidden Fields
    • Exploit Hidden Fields*
    • SQL Injection
    • Exploit SQL Injection*
    • Bypassing HTML Field Restrictions*
    • Exploit Bypassing HTML Field Restrictions
    • Summary
    • Assessment
  4. Remediation               
    • Introduction
    • Objectives
    • Fortify for Developers Using Plugins Roadmap
    • Goals of Application Security
    • Think Like a Security Person
    • Secure Enough
    • Fixing Issues Not Exploits
    • Buffer Overflow Scenario
    • Threat Model and Risk Assessment
    • Developing a Threat Model
    • Assets for the Threat Model
    • STRIDE DREAD Method
    • STRIDE
    • DREAD
    • Assessing a Vulnerability
    • Performing Risk Assessment
    • Use DREAD to Explain Vulnerabilities
    • Summary
    • Assessment
  5. Microsoft Visual Studio Plugin
    • Introduction
    • Objectives
    • Fortify for Developers Using Plugins Roadmap
    • Introduction to Visual Studio Plugin
    • Visual Studio Plugin Solution Screen
    • Fortify Menu
    • Solution Scanning Screens
    • Utilize Fortify Options*
    • Investigate the Project Summary*
    • View Filter Sets*
    • Create a Group by Option*
    • Audit Scan Results*
    • Search Specific Vulnerabilities*
    • Summary
    • Assessment
  6. Eclipse Plugin             
    • Introduction
    • Objectives
    • Fortify for Developers Using Plugins Roadmap
    • Introduction to Eclipse Plugin
    • Eclipse Plugin Solution Screen
    • Fortify Menu
    • Utilize Fortify Options*
    • Investigate the Project Summary*
    • Create a Group by Option*
    • Audit Scan Results*
    • Search for Specific Vulnerabilities*
    • Summary
    • Assessment

∗ Indicates a simulation.  

Pobierz konspekt szkolenia w formacie PDF

Dodatkowe informacje

Wymagania wstępne

To be successful in this course, you should have the following prerequisites or knowledge:

  • Basic programming skills
  • Able to read Java, C/C++ or .Net
  • Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)
  • Computer desktop, browser and file system navigation skills
Poziom trudności
Czas trwania 1 dzień
Certyfikat

The participants will obtain certificates signed by Micro Focus (course completion).

Prowadzący

Authorized Micro Focus Trainer.

Pozostałe szkolenia Micro Focus | Fortify

Szkolenia powiązane tematycznie

Bezpieczeństwo IT

Testowanie oprogramowania

Formularz kontaktowy

Prosimy o wypełnienie poniższego formularza, jeśli chcą Państwo uzyskać więcej informacji o powyższym szkoleniu.






* pola oznaczone (*) są wymagane

Informacje o przetwarzaniu danych przez Compendium – Centrum Edukacyjne Spółka z o.o.

840 PLN NETTO

FORMA SZKOLENIA

Zamawiana ilość:

Zamawiający

Osoba kontaktowa

imię: *
nazwisko: *
adres *:
kod pocztowy *:
miasto *:
email: *
telefon:
pola oznaczone gwiazdką (*) są wymagane
Zapisz się na szkolenie