Fees for this course
Regular Individual Fee: $1295

Group Rate (per registrant, 3 or more): $1095
(Registrations must be made at the same time to receive the discount.)



COURSE 3300 | 2-DAY SESSION
Hands-On How to Break Software Security
Learn how to use real-world attacks on software to diagnose security vulnerabilities

ASPE is a certified training delivery partner of Security Innovation.




In this course, you’ll learn to:

  • Understand and use an effective fault model for security testing
  • Implement a range of your own attacks to diagnose software security in a real-world context
  • Design unexpected user inputs to reveal software vulnerabilities, and create scenarios developers never anticipated
  • Weed out common design problems that impact security
  • Expose implementation vulnerabilities using both the user interface and behind-the-scenes manipulation
  • Apply the attacks you’ve learned to applications used every day
  • Assess security threats in programs such as Windows Media Player, Mozilla browsers, OpenOffice.org for Linux, and others
  • Apply lessons learned from actual security testing experiences
  • Use the suite of testing tools you receive on CD in class
  • Gain perspective on the ways hidden interface tools affect the broader testing picture
  • Perform effective Application Security Testing—Learn from the experts who wrote the definitive book on Software Security


The Challenge:
Application security has not kept up with the proliferation of software. Business end-users rely heavily on software, yet don't have the time to consider the consequences of using it. As a result, they put blind faith in the applications they use — applications which most experts would agree are incredibly insecure, acting as a perfect breeding ground for hacker exploitation. This problem is exacerbated when a company's best line of defense (developers and testers) against software vulnerability does not have the skill set to identify security problems before software goes into production.

The Goal:
It is imperative that testers and developers possess the skills, techniques and tools required to find software security vulnerabilities before applications are released. Professionals in software development must learn to recognize and correct potential security holes before attackers find them.

The Solution:
Hands-on Software Security Testing Fundamentals will lay the foundation you need to effectively recognize and expose security flaws in software. The course content is based on the first book to be published on the topic of application security testing: How to Break Software Security. You will be introduced to a fault model which empowers you to conceptualize these types of bugs. You'll leave the course with hands-on experience in a full arsenal of software attacks proven effective at exposing security bugs.

Immediate benefits of attending this class:

  1. Learn what makes a security vulnerability unique, dangerous and often innocuous
  2. Understand the difference between functional and security vulnerabilities
  3. Learn about the four different classes of security vulnerabilities and how you test against them
  4. Learn nineteen specific attacks you can apply to uncover security vulnerabilities
  5. Apply what you learned in this class during the hands-on lab sessions and gain the skills to immediately use these tests in the field
  6. Design unexpected user inputs to reveal software vulnerabilities, and create scenarios developers never anticipated
  7. Improve your software development lifecycle by understanding why security is not an after-thought
  8. Increase your awareness as a developer by understanding what coding mistakes can result in gaping security holes
  9. Know *when* and *how* to look for security vulnerabilities
  10. Learn how to find vulnerabilities by attacking software dependencies
  11. Become more security aware and learn to "sense" or "smell" security vulnerabilities
  12. Learn how to use knowledge of the behavior of past security vulnerabilities to protect your current applications
  13. Understand the assets your software protects
  14. View your application from the eyes of a hacker
  15. Understand the concept of insider threat
  16. Learn how to create threat models so you can identify vulnerable spots in your application
  17. Learn the industry recognized software security methodology and put it into practice
  18. Enable developers to prevent software security vulnerabilities by understanding how they get created in the first place
  19. Catch and prevent security vulnerabilities early, when the cost is minimal
  20. Learn about the tools that can assist you in uncovering software vulnerabilities
  21. Feel confident in your ability to *not* allow high-severity vulnerabilities to slip past your testing efforts