Security Testing Trainings

Train your internal team as you never know how to secure a system if you don't know how to hack it.

Is your company working on products with high security requirements? 

Do your products work with sensitive data? 

Risks of data leakage from your system could be fatal for a company? 

If there is at least one “yes”, it's time to train the team to think about security at the coding stage.

Our motto is: you never know how to secure a system if you don't know how to hack it. The corporate system security testing training for DEV/SEC teams is a powerful two-day intensive. After getting acquainted with the theory, the participants of the training will have a team competition, when they themselves will be able to apply their “hacker” skills and look for vulnerabilities on real projects.

Course Sections

  • Embedding Security in the Development Process (SDLC)

  • Secure Architectures

  • Risk Assessment Methodologies and Risk Register

  • Penetration Testing Based on the OWASP Methodology and Mastering the Necessary Tools

What Will Participants Learn?

  • Integrate security principles into the development cycle (SDLC)

  • Test web system security using the main OWASP test cases (Injections, XXE, XSS, CSRF, SSRF, Insecure Deserialization, Security Misconfiguration, Broken Authentication and Authorization, etc.)

  • Use the tools necessary to conduct penetration testing (nmap, Burp, Metasploit, Kali Linux, FoxyProxy, ncrack, User Agent Switcher, etc.)

  • Assess risks for found vulnerabilities

Course Trainer

Denis Koloshko

Denis is a practicing pentester, certified security expert: CISSP (Certified Information Systems Security Professional), OSWE (Offensive Security Web Expert), has over 17 years of experience in the development of scalable, high-load web systems with high security requirements.

Senior .NET Developer 

“I liked it when I was able to complete a task (any). I liked those tasks where we registered the admin, intercepted cookies and entered the site under a different user.”

Head of Development

“It was very cool and interesting, the idea of the process and methods of hacking systems has changed a lot. I learned a lot of new techniques: reverse shell, deserialization.”

Software Engineer

“I liked remote code execution, xss, network mapping + hydra the most.”

Contact us now to upgrade your team's security knowledge