advanced search
Do you have any questions?
+420 731 175 867 (Mo-Fr: 9A.M.-5P.M.)
EN
0 Basket

FT120 – Fortify SAST and DAST for Developers

Course code: FT120

Fortify SAST and DAST for Developers is a two day training that explores how the Fortify product suite Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans for security vulnerabilities. As a student you will learn about the threats to applications, as well as the operation and remediation through the Fortify solution. With 70% hands-on activities you will learn how to utilize the Fortify SCA (Static Code Analyzer) and WebInspect.

960 EUR

1 162 EUR including VAT

Selection of dates
onas
Do you have a question?
+420 731 175 867 edu@edutrainings.cz

Professional
and certified lecturers

Internationally
recognized certifications

Wide range of technical
and soft skills courses

View soft skills courses

Great customer
service

Making courses
exactly to measure your needs

Course dates

Starting date: Upon request

Type: In-person/Virtual

Course duration: 2 days

Language: en/cz

Price without VAT: 960 EUR

Register

Starting
date		 Place
Type Course
duration		 Language Price without VAT
Upon request In-person/Virtual 2 days en/cz 960 EUR Register
G Guaranteed course

Didn't find a suitable date?

Write to us about listing an alternative tailor-made date.

Contact

Target group

Software/Application Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts

Course structure

Module 1: Application Security overview

  • Review the OWASP Top 10 2017
  • Recognize layers of Securing Data (whitebox and Blackbox testing)

Module 2: Fortify Static Scanning

  • Run several different types of scans using Fortify
  • Practice memory tuning to optimize scanning

Module 3: Scan Results in Audit Workbench (AWB)

  • Identify the findings in the Critical folder
  • Apply the appropriate validation method to remediate a given vulnerability in the Critical folder
  • Audit and suppress findings

Module 4: Fortify SCA (Static Code Analyzer) Metrics

  • Describe the Scanning Process
  • Explain the function of each Analyzer
  • Recognize how the findings are placed within each risk folder

Module 5: Fortify IDE Plugins

  • Configure and scan using the Fortify IDE plugins Visual Studio and Eclipse

Module 6: Analysis Trace and Remediating Vulnerabilities

  • Properly read the analysis trace
  • Learn how to remediate vulnerabilities

Module 7: WebInspect (WI) Application Exploits

  • Identify characteristics of Web-based application security defects
  • Recognize prevalent software attacks

Module 8: Dynamic Scanning with WI

  • Produce scans and create macros
  • Evaluate then remediate your scan results

Module 9: Mobile Scanning with WI

  • Recognize WebInpsect Mobile Templates, Devices and Software
  • Recognize the steps for Native Mobile Scanning

Module 10: Web Services and API Scanning

  • Describe Web Services (SOAP) scanning capabilities
  • Perform a Web services scan

Module 11: Application and Scan Settings

  • Review the primary application and default scan setting options in WebInspect

 

 

Prerequisites

To be successful in this course, you should have the following prerequisites or knowledge:

  • Basic programming skills (able to read Java, C/C++, or .NET)
  • Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)
  • Knowledge of Web and Application Development practices

Do you need advice or a tailor-made course?

onas

product support

+420 731 175 867

edu@edutrainings.cz

ComGate payment gateway MasterCard Logo Visa logo