SANS Institute, the provider of cyber security training, is holding an event in Copenhagen on April 25 to 30. SANS is hosting two training courses: SEC642: Advanced Web App Penetration Testing and Ethical Hacking, and FOR508: Advanced Digital Forensics and Incident Response
SEC642 is led by Adrien de Beaupre, a member of the SANS Internet Storm Center whose experience also includes: Technical instruction, vulnerability assessment, penetration testing, intrusion detection, incident response and forensic analysis. On the threat landscape, de Beaupre warns: “The entire future of an organisation may only be one high-profile breach away from disaster.” Problems in web apps are a likely cause of much of this risk. “Web applications are a major attack vector. Businesses and business leaders need to understand this. SEC642 teaches the advanced skills needed to uncover and remediate vulnerabilities before criminals do.”
Such is a modern web app’s complexity, de Beaupre believes, security professionals need a very particular set of assessment skills.
The SEC642 training course, de Beaupre says: “Brings the advanced tools and techniques required to assess modern applications to the next level, going far beyond simple web application automated scanning.”
When they leave the classroom, students will be able to execute penetration tests against even the most complex web applications. Through numerous lab exercises, the course teaches hands-on skills such as:
· Identifying and attacking encryption
· Bypassing application firewalls
· Performing advanced attacks against common flaws such as XSS, SQL injection and Cross-Site Request Forgery
The training event is held at the Radisson Blu Royal Hotel, Copenhagen. For more about SEC642 and FOR508 visit: www.sans.org/event/copenhagen-2016.
