برچسب: Security

This is a hand-on practical concentrated course on securing and attacking web and cloud APIs. APIs are everywhere nowadays: In web apps, embedded systems, enterprise apps, cloud environments and even IoT, and it is becoming increasingly necessary to learn how to defend, secure and attack API implementation and infrastructure. This training aims to engage you in creating secure modern APIs, while showing you both new and old attack vectors.

Syllabus

Defending and attacking Web APIs (REST, GraphQL..etc)
Attacking and securing AWS APIs and infrastructure.
Launching and mitigating modern Injection attacks (SSTI, RCE, SQLi, NoSQLi, Deserialization & object injection)
Deploying practical cryptography.
Securing passwords and secrets in APIs.
API authentication and authorization.
Targeting and defending API architectures (Serverless, web services, web APIs)
Securing development environments.

Attacking and Securing APIS (2021)

ادامه مطلب
Invicti is a web application security platform that helps organizations find and fix vulnerabilities in their websites and APIs. Invicti combines dynamic, interactive, and software composition analysis (DAST, IAST, and SCA) to provide comprehensive and accurate testing results. Invicti also integrates with the tools and workflows of developers, enabling them to produce more secure code and prevent vulnerabilities from reaching production. Invicti is trusted by more than 3,100 customers worldwide, including Fortune 500 companies, government agencies, and leading e-commerce platforms.

Invicti – Web Application Security For Enterprise

 

ادامه مطلب

Tenable Nessus is a powerful vulnerability scanner that helps you identify and fix security issues in your network, web applications, cloud infrastructure, and more. With Nessus, you can:

  • Scan your IT assets for thousands of known and emerging vulnerabilities, with low false positives and high accuracy.
  • Audit your systems for compliance with industry standards and best practices, such as PCI DSS, CIS Benchmarks, NIST, and more.
  • Discover and assess your internet-exposed attack surface, including web applications, domains, certificates, and cloud assets.
  • Leverage advanced features such as web application scanning, external attack surface scanning, cloud infrastructure scanning, and custom policies.
ادامه مطلب

LEG523 is a specialized course designed to provide participants with a comprehensive understanding of the legal frameworks and regulatory environments that govern cybersecurity and data privacy. This course is ideal for legal professionals, compliance officers, and cybersecurity practitioners who need to navigate the complex intersection of technology and law.

ادامه مطلب

MGT514 is a professional training course designed to help cybersecurity and IT leaders develop the skills and strategies necessary for managing and leading security programs. The course focuses on aligning security initiatives with business objectives, building a strong governance framework, and driving organizational resilience against modern threats.

ادامه مطلب

DevOps is taking the world by storm, but the often overlooked part is that keeping applications secure is increasingly important. So how do you keep your entire development chain secure and within compliance? This path answers that question by showing you the fundamentals of DevSecOps and keeping your CI/CD pipelines safe while incorporating security best practices into your DevOps lifecycle.

Syllabus

DevSecOps: The Big Picture

Approaching Automated Security Testing in DevSecOps

Performing DevSecOps Automated Security Testing

Integrating Automated Security Testing Tools

Integrating Incident Response into DevSecOps

Enabling Security Governance and Compliance in DevSecOps

Pluralsight: Fundamentals of DevSecOps

ادامه مطلب