Professionally Evil Application Security (PEAS): Unveiling Server-Side Discovery and Exploitation
October 4 @ 12:00 pm – 4:00 pm EDT
Instructor: Kevin Johnson
Course Length: 4 Hours
Note: This is a Pay-What-You-Can course. Your access to the Cyber Range will vary depending on how much you pay. (Details below.)
Clicking on this button will take you to our registration form on Cvent.
Pricing:
Course Description
Welcome to the world of application security, where you’ll unravel the hidden flaws lurking within server-side portions of web applications. Join us for the second course in the Professionally Evil Application Security series.
Designed to expand your expertise in vulnerability discovery, this course focuses on key concepts and techniques to identify and mitigate server-side vulnerabilities. Led by Secure Ideas’ experts, you’ll gain the knowledge and practical skills necessary to assess applications and their risk of malicious attacks.
Begin your journey with a comprehensive introduction, setting the stage for the exciting challenges ahead. Dive into the intricacies of discovery, as you explore various flaws within the server-side portions of the applications and APIs. Understand the significance of context and grasp the essential concepts related to flaws that can compromise server-side security.
Through hands-on exercises and real-world examples, you’ll delve into critical areas such as authentication and authorization, session fixation, redirects and forwards, injections, insecure deserialization, server-side request forgery (SSRF), and XML external entities. Uncover the techniques used by attackers to exploit these vulnerabilities and learn how to effectively counteract them.
Our expert instructors will guide you through each module, providing in-depth insights and practical knowledge to enhance your skills. Engage in stimulating discussions, participate in interactive labs, and gain valuable experience in vulnerability discovery within our cutting-edge test environment.
Enroll in Unveiling Server-Side Discovery and Exploitation today to fortify your application security arsenal and emerge as a proficient professional in the field. Together, we’ll navigate the intricate world of server-side vulnerabilities and empower you to protect applications with confidence and expertise.
Pay-What-You-Can and Cyber Range Access
Cyber Range access varies depending on payment level.
| Tuition Paid | Cyber Range Access |
|---|---|
| Less than $295 | No Cyber Range Access |
| $295+ | Six Months Cyber Range Access |
| Full Price – $575 | Twelve Months Cyber Range Access |
Course Instructor
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises, and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.
