Szkolenia Micro Focus

Cel szkolenia

kod: FT3E0029 | wersja: 17.1

Learn how to dynamically scan Web application, services, and mobile devices to find vulnerabilities, remediate, and report any issues WebInspect discovers. This course is intended to answer application security tester’s basic WebInspect usage questions. At the end of this course, you will be able to effectively work within WebInspect producing Dynamic Application Security Testing (DAST) to eliminate vulnerabilities and keep up with compliancy before and during your Web application launch. This course includes comprehensive simulated exercises.

Upon successful completion of this course, you should be able to: 

  • Define DAST and use WebInspect as a DAST tool
  • Recognize the WebInspect HTTP protocol to search for vulnerabilities
  • Identify the functional characteristics and components of WebInspect
  • Create basic, manual, mobile, and work-flow driven scans for a target application
  • Recognize settings to specify vulnerability evaluation
  • Create Web macros and reports
  • Use the Security Toolkit

Audience/Job Roles

This course is intended for those whose primary responsibilities include:

  • Evaluating your organization's application security posture, quality, and compliance
  • Application development and dynamic testing

Quality Assurance testing

Plan szkolenia Rozwiń listę

  1. WebInspect Introduction      
    • Application Security Testing
    • SAST versus DAST in the SDLC
    • WebInspect and HTTP Protocol
    • Server response status codes
  2. Basic Settings and Scans        
    • WebInspect GUI
    • Application settings*
    • Scan types
    • Create a quick scan*
    • Create a standard scan*
    • Scan settings*
    • Manual scan* 
  3. Macros and Authenticated Scanning 
    • Macro Recorder Tool
    • Login macros
    • Workflow macros
    • Create a Login macro*
    • Create a Workflow macro*
    • Run a Workflow-Driven scan*
    • Run a Guided scan*
  4. Settings for Vulnerability Evaluation
    • Scan Dashboard initial review
    • Review vulnerability options
    • Investigating vulnerabilities*
    • HTTP Editor tool
    • Leverage Web Form Editor*
  5. Scan Policies and Reports        
    • Policy manager
    • Conduct policy inspection*
    • Build custom policy check*
    • Create customized policy*
    • Compliance manager
    • Generating reports
    • Create a standard report*
    • Advanced reporting feature*
    • Create Trend report*
  6. Web Services and Mobile Scanning
    • Mobile Device scanning
    • Launch Native and Mobile scans
    • Web Services testing
    • Create a Web Services scan*
  7. Security Toolkit          
    • Security Toolkit overview
    • Get a server fingerprint*
    • Run Web Proxy*

∗ Indicates a simulation.  

 

Pobierz konspekt szkolenia w formacie PDF

Dodatkowe informacje

Wymagania wstępne

To be successful in this course, you should have the following prerequisites or knowledge.

  • An understanding of basic Web communication protocols.
  • Familiarity with some of the most common Web application vulnerabilities (i.e. OWASP Top 10)
Poziom trudności
Czas trwania 1 dzień
Certyfikat

The participants will obtain certificates signed by Micro Focus (course completion).

Prowadzący

Authorized Micro Focus Trainer.

Pozostałe szkolenia Micro Focus | Service and Portfolio Management

Szkolenia powiązane tematycznie

Bezpieczeństwo IT

Formularz kontaktowy

Prosimy o wypełnienie poniższego formularza, jeśli chcą Państwo uzyskać więcej informacji o powyższym szkoleniu.






* pola oznaczone (*) są wymagane

Informacje o przetwarzaniu danych przez Compendium – Centrum Edukacyjne Spółka z o.o.

1680 PLN NETTO

FORMA SZKOLENIA

Zamawiana ilość:

Zamawiający

Osoba kontaktowa

imię: *
nazwisko: *
adres *:
kod pocztowy *:
miasto *:
email: *
telefon:
pola oznaczone gwiazdką (*) są wymagane
Zapisz się na szkolenie