Dynamic Application Security Testing
Focused View
Jerod Brennen
3:24:17
89 View
01 - The importance of dynamic testing.mp4
01:00
02 - What you should know.mp4
01:49
01 - Software quality assurance process.mp4
04:22
02 - Positive testing.mp4
03:46
03 - Negative testing.mp4
04:56
04 - SQA metrics.mp4
07:45
05 - OWASP Testing Guide.mp4
05:29
06 - Demo OWASP ZAP.mp4
06:27
01 - Manual vs. automated testing.mp4
06:25
02 - Scanning vs. pen testing.mp4
08:32
03 - Testing in non-production.mp4
04:28
04 - Testing in production.mp4
04:40
05 - OSINT gathering.mp4
07:36
06 - Web app proxies.mp4
04:38
07 - DevSecOps.mp4
04:24
08 - Demo Burp Suite.mp4
08:39
01 - Scoping a web app pen test.mp4
06:52
02 - Avoiding production impacts.mp4
05:52
03 - Penetration testing execution standard.mp4
10:22
04 - Types of pen tests.mp4
04:28
05 - Web application firewalls.mp4
05:07
06 - SIEMs.mp4
06:23
07 - Purple teaming.mp4
03:52
08 - Demo Kali Linux.mp4
04:00
01 - The OWASP Top Ten.mp4
03:16
02 - A1 Broken access control.mp4
05:58
03 - A2 Cryptographic failures.mp4
06:49
04 - A3 Injection.mp4
07:44
05 - A4 Insecure design.mp4
05:30
06 - A5 Security misconfiguration.mp4
07:25
07 - A6 Vulnerable and outdated components.mp4
07:07
08 - A7 Identification and authentication failures.mp4
06:59
09 - A8 Software and data integrity failures.mp4
05:58
10 - A9 Security Logging and monitoring failures.mp4
06:54
11 - A10 Server-side request forgery (SSRF).mp4
05:04
01 - Next steps.mp4
03:41
Description
Building security testing into the software development lifecycle is the best way to protect your app and your end users. This course identifies tools and techniques that developers can use to minimize the cost and impact of security testing—while maximizing its impact and effectiveness. Instructor Jerod Brennen focuses on dynamic application security testing, using security scanning, penetration testing, and vulnerability testing to validate code and uncover vulnerabilities. He explains the difference between positive and negative, manual and automated, and production and nonproduction testing, so you can choose the right kind for your workflow. The hands-on sections—with demos of popular tools such as OWASP ZAP and Burp Suite—prepare you to apply the lessons in the real world.
More details
User Reviews
Rating
average 0
Focused display
Category
Jerod Brennen
Instructor's CoursesBy day, I'm a strategic advisor, virtual CISO, public speaker, & storyteller.
By night, I'm a husband, father, writer, filmmaker, martial artist, musician, and gamer. I've earned every gray hair in my beard, having spent my career serving as a cybersecurity leader in public utilities, retail, higher education, consulting, and technology.
I love to share what I've learned over the years every chance I get: at local and regional professional meetings, at larger conferences, and online via blogs and podcasts. I've published multiple online information security courses with Pluralsight and LinkedIn Learning, and I teach courses in person, both domestically and internationally.
I bring a unique combination of perspective and experience to the table when helping organizations improve their cybersecurity programs, and I'd love to help you make those same improvements, focusing on the business value of an effective, efficient, forward-thinking cybersecurity program.
At the end of the day, I just want to help folks get one step closer to doing what they want to do securely.
LinkedIn Author -> https://www.linkedin.com/learning/instructors/jerod-brennen
Pluralsight Author -> https://www.pluralsight.com/authors/jerod-brennen
Hands-on experience in the following areas:
- Application Security (Web and Mobile)
- Business Analysis
- Cloud Security
- Compliance Assessment and Management (ISO, PCI, SOX, HIPAA, FISMA, FERPA)
- Corporate Training
- Data Governance
- Identity and Access Management / Identity Governance and Administration
- Mentorship
- Penetration Testing (Network, Application, Wireless, Social, Physical)
- Project Management
- Risk Assessment and Management (NIST)
- Security Architecture
- Security Awareness Training
- Security Incident Response
- Security Metrics
- Security Organization Management
- Security Policy & Procedure Development
- Security Systems Administration
- Strategic Planning, Budgeting, & Program Development
- Supplier Security Risk Management
- Technical Documentation
- Vulnerability Assessment and Management
Finally, if you connect with me and send me a sales message without including the word "Orwell," I'll know that you didn't take time to get to know me through my profile. No one likes an impersonal cold call. People who put forth the effort to personalize that outreach are more likely to develop an authentic relationship. ;)
Linkedin Learning
View courses Linkedin LearningLinkedIn Learning is an American online learning provider. It provides video courses taught by industry experts in software, creative, and business skills. It is a subsidiary of LinkedIn. All the courses on LinkedIn fall into four categories: Business, Creative, Technology and Certifications.
It was founded in 1995 by Lynda Weinman as Lynda.com before being acquired by LinkedIn in 2015. Microsoft acquired LinkedIn in December 2016.
- language english
- Training sessions 36
- duration 3:24:17
- English subtitles has
- Release Date 2023/03/29
