Tstsec - Version: 1
Application Security Testing
4-day course
Description
We are living in a world of data and communication, in which the most valuable asset is information. There is no doubt that today's applications must be secure. Security standards are created to ensure that products implement security measures to protect their data. Security is an "all-inclusive" term, which means it must be implemented "everywhere", at all levels:

Users: Train your users and build awareness to help them reduce the risk of performing irresponsible actions that the attacker will use. Make sure your UI helps your users make the correct decisions.

Infrastructure: Firewalls, network administration, host and server hardening, network traffic encryption, etc.

Application: Authentication, authorization, input validation, encryption, configuration management, parameter manipulation, auditing, error handling, etc. The application must be designed and implemented while taking security issues into consideration.

We have to remember that the attacker needs to find just one security breach, while we have to protect everywhere. Leaving one of the above levels unhandled will result in a completely unsecured product.

Application security is not just another feature. You cannot just turn it on. Application security demands a lot of thinking. Threat modeling and a lot of design work must be done. Many concrete actions must follow in every phase of the development cycle.

Security Testing: Testing is a crucial part of the Security Development Lifecycle. The tester must understand the methodology of secure development. He has to build a security test plan using the threat modeling documentation. The tester has to understand the mechanics of hacking. He has to get out of the box and think like a hacker. The tester has to know the security testing methodology. The hacker must be diligent and work systematically to find security breaches.

All this and more will be taught in the course.
Intended audience
This course is intended for Test engineers, Test Team Leaders, Quality Officers/Engineers.
Prerequisites
Objectives
Topics