209 Courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for Linux Professional Institute Certification (LPIC-2) 201 training is suitable for individuals with roles of: System administrator Network administrator Technician DevOps Overview Upon successful completion of this course, students will be able to: measure hardware resource and network bandwidth, identify and troubleshoot resource problems monitor resource usage to predict future resource needs utilise kernel components that are necessary to specific hardware, hardware drivers, system resources and requirements properly configure a kernel to include or disable specific features of the Linux kernel as necessary manage and/or query a 2.6.x, 3.x or 4.x kernel and its loadable modules query and modify the behaviour of system services at various targets / run levels properly manipulate a Linux system during both the boot process and during recovery mode properly configure and navigate the standard Linux filesystem configure automount filesystems using AutoFS configure and implement software RAID configure kernel options to support various drives create and remove logical volumes, volume groups, and physical volumes use system tools to back up important system data. This course prepares students to take the 201 exam of the LPI level 2 certification. To gain LPIC-2 certification, an individual should have an active LPIC-1 certification. Capacity Planning Measure and Troubleshoot Resource Usage Predict Future Resource Needs Linux Kernel Kernel components Compiling a Linux kernel Kernel runtime management and troubleshooting System Startup Customising system startup System recovery Alternate Bootloaders Filesystem and Devices Filesystem and Devices Maintaining a Linux filesystem Creating and configuring filesystem options Advanced Storage Device Administration Configuring RAID Adjusting Storage Device Access Logical Volume Manager Networking Configuration Basic networking configuration Advanced Network Configuration Troubleshooting network issue System Maintenance Make and install programs from source Backup operations Notify users on system-related issues

Duration 2 Days 12 CPD hours This course is intended for Security professionals, System engineers, channel partners, service partners, and end users with at least one year of experience in implementing IT security technologies (Network, Applications, and Systems). Overview This course will enable students to configure, monitor, manage, and optimize the SonicWall Network Security firewall appliances running the new SonicOS 7 to effectively defend against limitless network and cyberthreats and implement SonicWall Boundless Cybersecurity safeguards for seamless protection. Upon completion of the course, students will be able to configure the SonicWall firewall for Secure and Remote Connectivity, Network Optimization, and Advanced Threat Protection. The SonicWall Network Security Administrator (SNSA) for SonicOS 7.0curriculum provides students the required background, knowledge, and hands-on experience to begin designing, implementing, and troubleshooting SonicWall Network Security products. SonicOS 7 is SonicWall?s brand new and most advanced security operating system and is at the core of its latest physical and virtual firewalls, including models from the TZ, NSv, NSa and NSsp Series. SonicOS 7.0 features advanced security, simplified policy management, and critical networking and management capabilities for distributed enterprises and small- to medium-sized businesses with SD-branch support. Course Outline Setting up Basic Firewall Components Unified Threat Management Secure Access Deep Packet Inspection for SSL (DPI-SSL) Content Filtering Services Application Control Scalability and Reliability SD-WAN High Availability Troubleshooting Tools

Duration 3 Days 18 CPD hours This course is intended for This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes: Security administrators Security consultants Network administrators System engineers Technical support personnel using open source IDS and IPS Channel partners and resellers Overview After taking this course, you should be able to: Describe the Snort rule development process Describe the Snort basic rule syntax and usage Describe how traffic is processed by Snort Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor the performance of Snort and how to tune rules The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules. Course Outline Introduction to Snort Rule Development Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Lab outline Connecting to the Lab Environment Introducing Snort Rule Development Basic Rule Syntax and Usage Advanced Rule Options OpenAppID Tuning Snort

Duration 3 Days 18 CPD hours This course is intended for Typical candidates for this course are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies. Overview After you successfully complete this course, expect to be able to: Explain how Aruba's wireless networking solutions meet customers' requirements Explain fundamental WLAN technologies, RF concepts, and 802.11 Standards Learn to configure the Mobility Master and Mobility Controller to control access to the Employee and Guest WLAN Control secure access to the WLAN using Aruba Firewall Policies and Roles Recognize and explain Radio Frequency Bands and channels, and the standards used to regulate them Describe the concept of radio frequency coverage and interference and successful implementation and diagnosis of WLAN systems Identify and differentiate antenna technology options to ensure optimal coverage in various deployment scenarios Describe RF power technology including, signal strength, how it is measured and why it is critical in designing wireless networks Learn to configure and optimize Aruba ARM and Client Match and Client Insight features Learn how to perform network monitoring functions and troubleshooting This course teaches the knowledge, skills and practical experience required to set up and configure a basic Aruba WLAN utilizing the OS 8.X architecture and features. Using lecture and labs, this course provides the technical understanding and hands-on experience of configuring a single Mobility Master with one controller and AP Aruba WLAN. Participants will learn how to use Aruba hardware and ArubaOS to install and build a complete, secure controller network with multiple SSIDs. This course provides the underlying material required to prepare candidates for the Aruba Certified Mobility Associate (ACMA) certification exam. WLAN Fundamentals Describes the fundamentals of 802.11, RF frequencies and channels Explain RF Patterns and coverage including SNR Roaming Standards and QOS requirements Mobile First Architecture An introduction to Aruba Products including controller types and modes OS 8.X Architecture and features License types and distribution Mobility Master Mobility Controller Configuration Understanding Groups and Subgroups Different methods to join MC with MM Understanding Hierarchical Configuration Secure WLAN configuration Identifying WLAN requirements such as SSID name, encryption, authentication Explain AP groups structure and profiles Configuration of WLAN using the Mobility Master GUI AP Provisioning Describes the communication between AP and Mobility controller Explain the AP booting sequence and requirements Explores the APs controller discovery mechanisms Explains how to secure AP to controller communication using CPSec Describes AP provisioning and operations WLAN Security Describes the 802.11 discovery, authentication and association Explores the various authentication methods, 802.1x with WPA/WPA2, Mac auth Describes the authentication server communication Explains symmetric vs asymmetric Keys, encryption methods WIPS is described along with rogue discovery and protection Firewall Roles and Policies An introduction into Firewall Roles and policies Explains Aruba?s Identity based Firewall Configuration of Policies and Rules including aliases Explains how to assign Roles to users Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores OS 8.X Airmatch to calibrate the network How Client Match and ClientInsight match steers clients to better APs Guest Access Introduces Aruba?s solutions for Guest Access and the Captive portal process Configuration of secure guest access using the internal Captive portal The configuration of Captive portal using Clearpass and its benefits Creating a guest provisioning account Troubleshooting guest access Network Monitoring and Troubleshooting Using the MM dashboard to monitor and diagnose client, WLAN and AP issues Traffic analysis using APPrf with filtering capabilities A view of Airwaves capabilities for monitoring and diagnosing client, WLAN and AP issues Additional course details: Nexus Humans Aruba Mobility Fundamentals, Rev. 20.11 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Aruba Mobility Fundamentals, Rev. 20.11 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Overview At the completion of the course, you will be able to: Protect against Network Attacks and Enforcing Corporate Policies using the Firewall Policy. Blocking Threats with Intrusion Prevention. Introducing File-Based Threats. Preventing Attacks with SEP. Layered Security. Securing Windows Clients. Secure Mac Clients. Secure Linux Clients. Controlling Application and File Access. Restricting Device Access for Windows and Mac Clients. Hardening Clients with System Lockdown. Customizing Policies based on Location. Managing Security Exceptions. This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Introduction Course environment Lab environment Introducing Network Threats Describing how Symantec Endpoint Protection protects each layer of the network stack Discovering the tools and methods used by attackers Describing the stages of an attack Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy Preventing network attacks Examining Firewall Policy elements Evaluating built-in rules Creating custom firewall rules Enforcing corporate security policy with firewall rules Blocking network attacks using protection and stealth settings Configuring advanced firewall feature Blocking Threats with Intrusion Prevention Introducing Intrusion Prevention technologies Configuring the Intrusion Prevention policy Managing custom signatures Monitoring Intrusion Prevention events Introducing File-Based Threats Describing threat types Discovering how attackers disguise their malicious applications Describing threat vectors Describing Advanced Persistent Threats and a typical attack scenario Following security best practices to reduce risks Preventing Attacks with SEP Layered Security Virus and Spyware protection needs and solutions Describing how Symantec Endpoint Protection protects each layer of the network stack Examining file reputation scoring Describing how SEP protects against zero-day threats and threats downloaded through files and email Describing how endpoints are protected with the Intelligent Threat Cloud Service Describing how the emulator executes a file in a sandbox and the machine learning engine?s role and function Securing Windows Clients Platform and Virus and Spyware Protection policy overview Tailoring scans to meet an environment?s needs Ensuring real-time protection for clients Detecting and remediating risks in downloaded files Identifying zero-day and unknown threats Preventing email from downloading malware Configuring advanced options Monitoring virus and spyware activity Securing Mac Clients Touring the SEP for Mac client Securing Mac clients Monitoring Mac clients Securing Linux Clients Navigating the Linux client Tailoring Virus and Spyware settings for Linux clients Monitoring Linux clients Providing Granular Control with Host Integrity Ensuring client compliance with Host Integrity Configuring Host Integrity Troubleshooting Host Integrity Monitoring Host Integrity Controlling Application and File Access Describing Application Control and concepts Creating application rulesets to restrict how applications run Monitoring Application Control events Restricting Device Access for Windows and Mac Clients Describing Device Control features and concepts for Windows and Mac clients Enforcing access to hardware using Device Control Discovering hardware access policy violations with reports, logs, and notifications Hardening Clients with System Lockdown What is System Lockdown? Determining to use System Lockdown in Whitelist or Blacklist mode Creating whitelists for blacklists Protecting clients by testing and Implementing System Lockdown Customizing Policies based on Location Creating locations to ensure the appropriate level of security when logging on remotely Determining the criteria and order of assessment before assigning policies Assigning policies to locations Monitoring locations on the SEPM and SEP client Managing Security Exceptions Creating file and folder exceptions for different scan types Describing the automatic exclusion created during installation Managing Windows and Mac exclusions Monitoring security exceptions

Duration 5 Days 30 CPD hours This course is intended for Typical candidates for this course are IT Professionals who deploy small-to-medium scale enterprise network solutions based on Aruba products and technologies Overview After you successfully complete this course, expect to be able to: Explain how Aruba's wireless networking solutions meet customers' requirements Explain fundamental WLAN technologies, RF concepts, and 802.11 Standards Learn to configure the Mobility Master and Mobility Controller to control access to the Employee and Guest WLAN Control secure access to the WLAN using Aruba Firewall Policies and Roles Recognize and explain Radio Frequency Bands and channels, and the standards used to regulate them Describe the concept of radio frequency coverage and interference and successful implementation and diagnosis of WLAN systems Identify and differentiate antenna technology options to ensure optimal coverage in various deployment scenarios Describe RF power technology including, signal strength, how it is measured and why it is critical in designing wireless networks Learn to configure and optimize Aruba ARM and Client Match features Learn how to perform network monitoring functions and troubleshooting AR-AMF teaches knowledge, skills & practical exp. to set up & config a basic AR WLAN utilizing OS 8.X architecture & features.using lecture & labs,AR-AMF provides tech. & hands-on exp. of config. a single Mobility Master with 1 controller & AP WLAN WLAN Fundamentals Describes the fundamentals of 802.11, RF frequencies and channels Explain RF Patterns and coverage including SNR Roaming Standards and QOS requirements Mobile First Architecture An introduction to Aruba Products including controller types and modes OS 8.X Architecture and features License types and distribution Mobility Master Mobility Controller Configuration Understanding Groups and Subgroups Different methods to join MC with MM Understanding Hierarchical Configuration Secure WLAN configuration Identifying WLAN requirements such as SSID name, encryption, authentication Explain AP groups structure and profiles Configuration of WLAN using the Mobility Master GUI AP Provisioning Describes the communication between AP and Mobility controller Explain the AP booting sequence and requirements Explores the APs controller discovery mechanisms Explains how to secure AP to controller communication using CPSec Describes AP provisioning and operations WLAN Security Describes the 802.11 discovery, authentication and association Explores the various authentication methods, 802.1x with WPA/WPA2, Mac auth Describes the authentication server communication Explains symmetric vs asymmetric Keys, encryption methods WIPS is described along with rogue discovery and protection Firewall Roles and Policies An introduction into Firewall Roles and policies Explains Aruba?s Identity based Firewall Configuration of Policies and Rules including aliases Explains how to assign Roles to users Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores the new OS 8.X Airmatch to calibrate the network How Client Match and Client Insight match steers clients to better Aps Dynamic RF Management Explain how ARM calibrates the network selecting channels and power settings Explores the new OS 8.X Airmatch to calibrate the network How Client Match and Client Insight match steers clients to better Aps Guest Access Introduces Aruba?s solutions for Guest Access and the Captive portal process Configuration of secure guest access using the internal Captive portal The configuration of Captive portal using Clearpass and its benefits Creating a guest provisioning account Troubleshooting guest access Network Monitoring and Troubleshooting Using the MM dashboard to monitor and diagnose client, WLAN and AP issues Traffic analysis using APPrf with filtering capabilities A view of Airwaves capabilities for monitoring and diagnosing client, WLAN and AP issues

Duration 2 Days 12 CPD hours This course is intended for Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications. Overview By the end of the course, you should be able to meet the following objectives: Use Spring Security in Spring and Spring Boot applications Configure the Spring Security filter chain Protect HTTP endpoints with expression-based access control and the AuthorizationManager API Protect method execution Use different authentication mechanisms Handle passwords in an efficient way Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security Protect against common vulnerabilities and threats Understand what OAuth2 is Use and configure the Spring Authorization Server Implement a resource server and client This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications. Security Introduction Need for security Basic security concepts Common security vulnerabilities Spring Security Basics Introduction to Spring Security High-level architecture Overview of SecurityContext Spring Security with Spring Boot Customizing Authentication Building blocks for authentication Authentication mechanisms based on user name and password Other authentication mechanisms Authentication events Securing Web Applications Configuring authorization Using AccessDecisionsManager for authorization Using AuthorizationManager for authorization Bypassing security Method Security Method security architecture Declarative method security with annotations Security Testing Spring Security Testing Support Security mock annotations and meta-annotations Using MockMvc to test security Handling Passwords Password hashing Upgrading passwords (Optional) Protecting Against Common Vulnerabilities Hardening web applications with security headers Preventing cross-site request forgery Encrypting data in transit OAuth5 and OIDC Concepts Need for OAuth Overview of OAuth5 and OIDC OAuth5 grant types Types of tokens Spring Security OAuth5 support and OAuth5 login Spring Authorization Server Introduction to Authorization Server Spring Authorization Server endpoints Spring Authorization Server configuration Protecting and accessing resources with OAuth5 Resource server Using JWT tokens Using opaque tokens Configuring an OAuth5 client Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Spring Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Spring Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for System and network engineers, technical architects and technical support personnel Overview Upon successful completion of this course, students will be able to install and operate a Cisco DNA Center (DNAC) This course will cover the basics of installing and operation of the Cisco DNA Center (DNAC). The Cisco DNAC is a stand-alone product that provides a single dashboard for every fundamental management task to simplify running an enterprise network. The DNAC is the management piece of the Software Defined Access (SDA) solution. Intent-based Networking overview DNA Center overview. DNA Center as a Platform. DNA Center Architecture & Design. DNA Center Installation DNA Center/Identity Services Engine (ISE) Integration ISE Integration configuration in DNA Center. DNA - Global - Add servers (e.g. ISE server(s)). DNA Center integration configuration in ISE. Approve pxGrid in ISE.Verify DNA/ISE integration DNA Center - Device Inventory Add networks devices to the DNA Center device inventory. Verify DNA Center Inventory configuration. DNA Center - Design - Network Hierarchy. Verify DNA Center - design configuration DNA Center - Design - Software Image Management (SWIM) Review SWIM image repository listing. Create golden software image & role. Verify golden software image creation DNA Center - Design ? Templates and Policies Templates ? Apache Velocity Engine. Command Runner. Policies: Group-Based, Application,Traffic Copy, IP-Based DNA Center - Provision Configuration Add devices to newly created sites/locations. Plug and Play (PnP). Verify DNA Center - provision configuration. DNA Center - Assurance Collection. DNA Center ? Administration

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. The primary audience for this course includes: Systems and network engineersTechnical architectsTechnical support personnelChannel partners and resellers Overview After completing this course, you should be able to: Describe the current network security landscape and the Cisco Integrated Threat Defense (ITD) solutionDescribe the key components of the ITD solution and their use in the networkConfigure the ISE for a baseline of operation in the ITD solutionConfigure the integration between the Stealthwatch and ISE platformsConfigure the integration between the Cisco Firepower and ISE platformsConfigure the integration between Cisco Firepower and AMP for Endpoints This course begins with an analysis of the current cybersecurity landscape and includes details on why networks today need an integrated threat defense architecture. You will integrate and verify proper operation of the key Cisco Integrated Threat Defense products, including Cisco Identity Services Engine (ISE), Cisco Stealthwatch©, Cisco Firepower© NGFW, and Cisco AMP for Endpoints. Verification includes the introduction of malware into the network to ensure proper identification, analysis, and quarantine. Course Outline Integrated Threat Defense Introduction Itd Products Identity Services Engine Setup Integration Of Stealthwatch With Identity Services Engine Integration Of Firepower With Identity Services Engine Integration Of Firepower With Amp For Endpoints

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options