Application Security Fundamentals for the Absolute Beginners

Become a Security Engineer | Learn about Security Certifications | Application Security with Hands On Demos
File size: 2.97 GB
Total length: 6h 6m
Instructor: Raghu The Security Expert !!
Last update: 11/2023
Ratings: 4.7/5

What you’ll learn

Learn about Application security fundamentals
Learn about SAST, SCA, DAST, IAC, Container Security and FPA
Learn about various security activities in each phase of Secure SDLC
Learn about finding a job in application security
Learn about certifications that can help you to find a job in application security
Learn about OWASP TOP 10 with practical explanation and real life examples
Learn about setting up a vulnerable application on local system
Learn about Pen Test Engineer

Requirements

No Programming experience required

Description

Who shall take this course?

This “Application Security Fundamentals – Including Hands On Demo” course is designed for beginners looking to switch to application security. It will also help SOC engineers, DevOps Engineers, SRE, QA Professionals and Freshers looking to find a job in the field of application security. This course will teach you about various job roles in application security and the technical requirements for each job role. It will explain the difference between application security and infrastructure security.

This course is for:

SOC engineers
DevOps
Security Engineers
Aspiring professionals in the Security domain
Quality Assurance Engineers
InfoSec/AppSec Professionals

Why purchase this course?

This is the only practical hands-on application security course available on the internet till now.

Application security enables secure application development with agility; at the same time, it secures your application with automated security checks integrated within the pipeline. It helps to increase productivity and security by integrating security at each phase of software development.

Also, we have included practical examples to learn about the basic building blocks of application security.

By the end of the course, you will be able to successfully explain the various job roles in application security and the technical expertise required for a job role, and choose the best career option for you.

No action is required before taking this course.

For any questions or concerns, please post your comments in the discussions tab.

Disclaimer: English subtitles are auto-generated, so please ignore any grammar mistakes.

Overview

Section 1: Introduction and Agenda

Lecture 1 Introduction And Course Agenda

Section 2: Basics of Application Security

Lecture 2 SDLC vs Secure SDLC

Lecture 3 Security Activities at each phase in Secure SDLC

Lecture 4 Security Job Roles to perform security activities at each phase in Secure SDLC

Lecture 5 Find security jobs on job hunting platforms in application security

Lecture 6 Technical Requirements and Expertise for a job of Sr Security Engineer

Lecture 7 Technical Requirements and Expertise for a job of DevSecOps Engineer

Lecture 8 Technical Requirements and Expertise for a job of VA/PT Engineer

Lecture 9 Technical Requirements and Expertise for a job of Pen Test Engineer

Lecture 10 Common Technical Requirements and Expertise for Security Job Roles

Section 3: Basic Application Security Terms with Hands-On Demo

Lecture 11 Static Application Security Testing and its tools

Lecture 12 Hands On: SAST scan using Fortify On Demand

Lecture 13 SBOM or Software Bill of Material (Also called SCA) and its tools

Lecture 14 Hands On: SCA scan using Snyk

Lecture 15 Dynamic Application Security Testing and its tools

Lecture 16 Hands On: DAST scan using Hosted OWASP ZAP

Lecture 17 Container Security Basics and its tools

Lecture 18 Hands On: Container Security scan using Snyk

Lecture 19 Infrastructure As Code Basics and its tools

Lecture 20 Hands On: IAC Security Scanning Demo using Checkov

Lecture 21 Hands On: IAC Security Scanning Demo using BridgeCrew

Lecture 22 What is CWE & CVE & CVSS?

Lecture 23 What is False Positive Analysis?

Lecture 24 Hands On: FPA Demo

Section 4: Lab Environment Setup for learning basic security requirements i.e. OWASP TOP 10

Lecture 25 Hands On: Install NodeJs for OWASP Juice Shop – First Step

Lecture 26 Hands On: Install OWASP Juice Shop on local System – Part 2

Lecture 27 Hands On: Install Burp Suite on Local System

Lecture 28 Hands On: Configure Burp Suite with Chrome Browser

Section 5: Hands On with Basics : Deep Dive in OWASP TOP 10

Lecture 29 A01:2021-Broken Access Control

Lecture 30 A02:2021-Cryptographic Failures

Lecture 31 A03:2021-Injection

Lecture 32 A04:2021-Insecure Design

Lecture 33 A05:2021-Security Misconfiguration

Lecture 34 A06:2021-Vulnerable and Outdated Components

Lecture 35 A07:2021-Identification and Authentication Failures

Lecture 36 A08:2021-Software and Data Integrity Failures

Lecture 37 A09:2021-Security Logging and Monitoring Failures

Lecture 38 A10:2021-Server-Side Request Forgery

Section 6: Learn Security Architecture and Review with Threat Modeling in App Security

Lecture 39 What is Security Architecture & Design Review (SAR)?

Lecture 40 4 Step Process to perform Security Architecture & Design Review in Real Life

Lecture 41 Hands On: Create an account with IriusRisk

Lecture 42 Hands On: Create a Data Flow Diagram with IriusRisk

Lecture 43 Hands On: Perform Threat Modeling and Generate Reports using IriusRisk

Section 7: Learn DevSecOps in Application Security with Example

Lecture 44 What is DevSecOps?

Lecture 45 Tools used for DevSecOps Implementation in the market – Detailed discussion

Lecture 46 Case Study: Understanding Project Requirements before workflow implementation

Lecture 47 Hands On: Write code changes to integrate SAST, SCA & DAST in DevSecOps Pipeline

Lecture 48 Hands On: Execute End to End GitLab DevSecOps Pipeline and review logs

Section 8: Application Security Interview Questions/Answers and CV

Lecture 49 Application Security Interview Questions and Answers

Lecture 50 Sample CV for an application security engineer

Section 9: Next Steps

Lecture 51 Bonus Lecture

Professionals interested in finding a job in application security

Course Information:

Udemy | English | 6h 6m | 2.97 GB
Created by: Raghu The Security Expert !!
