Må vi gemme en cookie?

Vi bruger cookies for at forbedre din oplevelse af vores hjemmeside, målrette indhold samt statistik. Læs mere om cookies

Kurser

Kursusadministration

Brug for hjælp?

  • Gregersensvej 8
  • 2630 Taastrup
Google MapsApple MapsRejseplanen
  • Forskerparken Fyn, Forskerparken 10F
  • 5230 Odense M
Google MapsApple MapsRejseplanen
  • Teknologiparken Kongsvang Allé 29
  • 8000 Aarhus C
Google MapsApple MapsRejseplanen
  • NordsøcentretPostboks 104
  • 9850Hirtshals
Google MapsApple MapsRejseplanen
  • Gammel Ålbovej 1
  • 6092Sønder Stenderup
Google MapsApple MapsRejseplanen

Masterclass: Pentesting and Securing Mobile and Web Applications

Kurset lærer dig, mobile og Web Application sikkerhedskoncepter, herunder teknikker til, hvordan man angriber, og hvordan man reagerer med de rette implementeret modforanstaltninger.

Our course has been developed around professional penetration testing and security awareness in the business and IT fields. .Net programing skills and android development basics.

Participant profile

Developers, web developers, mobile solution developers, solution architects, security professionals with strong programing skills and other people responsible for implementing security of development process or application security.

Content

Module 1: OWASP Top 10 Application Security Risks
  • This module introduces most popular and dangerous security risks that can be found in modern applications.
  • Injection
  • Broken Authentication
  • Sensitive Data Exposure
  • XXE
  • Broken Access Control
  • Security Misconfiguration
  • Cross-Site Scripting
  • Insecure Deserialization
  • Components with Known Vulnerabilities
  • Insufficient Logging & Monitoring
Module 2: Analysis of Web Application Security
  • In this module, you will learn how to perform series of web applications and web API penetration tests. Additionally, you will learn the most effective ways of securing them.
  • Methodologies of Web Application testing
  • Black Box Analysis
  • White Box Analysis
  • Automating penetration tests with OWASP ZAP
  • Web Application Firewall: Traditional vs Anomaly detection modes
Module 3: Analysis of Android Application Security
  • This module focuses on mobile Android applications, its general design, security concepts and different approaches to penetration tests and security, especially independent from OS version.
  • System architecture
  • Android OS security features
  • Black and White box tests for mobile
  • Android storage solutions
  • Encryption in App and OS
Module 4: End to End solution testing
  • This module covers different methods of penetration testing of whole solutions regardless of technology used as development platform.
  • Methodologies, solutions and tools
  • Fuzzy testing for Mobile applications
  • Fuzzy testing for Web API
  • Performance testing
Module 5: Use cases and discussion
  • This module covers discussion about security solutions specific in different technologies. It also demonstrates practical and complete use case of penetration testing and solution in 'hands-on labs' environment.

Form

Every topic is supported with virtual labs instructions and code examples.

Material

Author’s unique tools, presentations slides with notes, workshop instructions.

CPE Point (Continuing professional education)

It will be possible to earn CPE points after completion this course.

Instructor

MJL

Michael Jankowski-Lorek is a data scientist, solution architect, developer and consultant. He designs and implements solutions for Databases, data analysis and natural language processing. Michael is interested in Big data, High Availability and real time analytics especially when combined with machine learning and artificial intelligent or natural language processing.

or

Krystian Zieja NY
Krystian Zieja is a professional Infrastructure and Database Consultant with over 15 years of extensive experience in designing IT solutions. His practice spans from teaching Oracle Courses in OAI at University, to providing services for big public and consulting companies serving clients from four continents. Being a holder of numerous IT certificates such as OCP, MCSE, MCDBA and CISP.

Har du faglige spørgsmål, så kontakt:
Andre kigger også på