TS1 - Application Security for Developers


    Penetration testing (security testing) as an activity tends to capture security vulnerabilities at the end of the SDLC, by which point it is often too late to influence fundamental changes in the way the code is written.

    This session has been written due to the increasing need for developers to code in a secure manner as it is critical to introduce security as a quality component into the development cycle.

  • Throughout this class, developers will be able to get on the same page with security professionals, understand their language, learn how to fix or mitigate vulnerabilities learnt during the class and get acquainted with some real-world breaches, for example, “The Equifax” breach in September 2017.

    Various bug bounty case studies from popular websites like Facebook, Google, Shopify, PayPal, Twitter etc. will be discussed, explaining the financial repercussions of application security vulnerabilities like SSRF, XXE, SQL Injection, authentication issues etc.

    The techniques discussed in this class are mainly focused on .NET, Java and NodeJS technologies owing to their huge adoption in various enterprises in building web applications. However, the approach is generic and developers from other language backgrounds can easily grasp and implement the knowledge learned within their own environments.




  • Details

    Dates & Times
    8th & 9th Sep
    9:00 am to 5:00 pm

    Early bird (until 31 Jul) £1,000 + VAT 

    Who should attend?

    This class is ideal for Web/API developers who work day in, day out building full-stack web applications or web APIs. Anyone who is looking to develop a skill set in web application security and identify web application flaws can also benefit from this course.





    Rohit Salecha
    Rohit has been working for NotSoSecure since 2016 in the capacity of a Principal
    Security Consultant. His primary responsibility is to perform web/mobile and
    infrastructure penetration tests for clients of NotSoSecure based in USA, UK and
    Europe, and he is also responsible for peer reviews and scrutiny of client deliverable
    pentest reports. He is the lead trainer for the best-selling courses of NotSoSecure, viz. “Application Security for Developers” and “DevSecOps”.

    He is also actively engaged in developing applications and training materials for
    various trainings of NotSoSecure. He is also passionate about architecting IT solutions with the focus on Information security.