A 4-day on a Client Site or Public course delivered by a CREST-Certified CHECK Team Leader
Web applications have in recent years increasingly become the prime focus of malicious attacks by cyber criminals. By exploiting the potential weak spots within a web application code, a threat actor is able to gain unauthorised access to sensitive information stored at the backend. Due to the increase in the quantity and importance of the data used by the web application, it is important that web developers/application pen testers learn how to secure/defend them.
Using a holistic approach that covers the mitigation strategies for the supporting infrastructure and web application coding using the real-world scenarios, our course prepares you to write secure applications as well as defend one from a consultant’s perspective. The supporting slides and the classroom discussion would add benefit for the attendees to learn new techniques of attack and help understand the mitigation of the same.
Based on the audience level, this course is taught in two different classes:
An Advanced course can be squeezed into 3 days based on client requirement/audience skill-set.
Security professionals (analysts, consultants, IT security officers), web developers and security administrators who are looking to add to their skill-set are welcome!
This course covers real world scenarios and discusses techniques that can be used by the attendees to improve their skill-set, and prepare for professional pen test certifications.
A training room equipped with internet and a projector.
All coursework is performed in designated labs. Each attendee is provided with a VPN setup in order to connect to the labs. You only need a laptop and ensure that you have admin/root access.
Each of the above classes is delivered by a CREST-Certified CHECK Team Leader with over 9 years professional penetration testing experience (ex-employers include Deloitte, IRM and the NCC Group).
All attendees are provided with class course documents along with lab challenges and solutions. Hints will be dropped throughout the challenges, including via Capture The Flag (CTF) events. Complete module answers are either provided in the class on the same day, or emailed afterwards.
This section outlines the course syllabus designed to help professionals achieve a high skill- set to improve their delivery quality. Highlighted text below relates to advanced track syllabus.
● Exploiting clickjacking.
● Flash/Java application security.
● .Net remoting (optional).
● Advanced SQL injection.
● Cross Site Scripting bypass blacklist techniques.
● Creating custom Burp plugins (optional).
London | November 2016 |
Dubai | December 2016 |
Singapore | January 2017 |
Zurich | March 2017 |
“I found the course to be very interesting. It not the usual bookish theoretical type, of course, it was quite interactive.."
CIO, Rak Bank, Dubai
“Amar Singh brings a wealth of personal experience and knowledge.”
President ISACA UAE
“The course was excellent. Not the typical core text book training but giving valuable insights and experiences.”
Head of IT, Bank of Sharjah, UAE
“This was the most interesting and attractive courses I have ever attended. A lot of inside knowledge was shared.”
Head of Audit, Emirate Global Aluminium, UA
"I wish all Senior Executives attend this course. It’s the most practical course I have ever attended. It teaches you not just how to understand but also how to respond to a Cyber Attack. ."
"The information we learnt provoked plenty of conversation both around personal experiences with the challenges that I face in the business and also backing up what was said in the course with real-life examples"
"The training was very informative and well knowledgable and i would recommend this course to anyone who wishes to explore cyber security even further."
IT Director, Christ the King Sixth Form Colleges London
"It’s been a great two days of learning. We drilled down, we simplified how an incident should be detected and how an incident should be handled. One of the key learnings I have taken is define normal. ."
"The overall training was good, it was quite informative. I highly recommend this training session to at least the CXO level people because it is something very meaningful for them and it can be very beneficial for organisations."
"Amar is a good mentor because he did more than just teaching. The checklist and mind maps are a really good part of the course. ."
IT Manager, HLB HAMT, Dubai UAE
"Amar is an excellent tutor and mentor also. The key aspects of the training is interactive sessions. Everyone has shared their experiences. I gained much knowledge which will be useful for my day to day activities."
"I really learnt a lot from this course as it was the first cyber security course I have been on. What I liked the most was the mind-mapping."
Paramount Computer Services, Dubai UAE
"I recommend everyone to attend this course whether your business is at the beginning or whether you have already implemented some of the IT security procedures. Even if you think you are protected but in fact it is not protected.."
This course is created by a CREST-Certified CHECK Team Leader with over 9 years experience. Penetration testing clients include some of the largest banks in the world.
This course is available as internal training course delivered on client site or alternatively you can attend one of our public courses. Please fill in the form below and one of our team will get in touch to discuss your requirments.
© 2016 Cyber Management Alliance.