DevOps means every developer is a security resource
With the increased speed of software development and the realisation that security must be considered earlier in the development cycle, developers need to be able to address security vulnerabilities in their applications themselves. However, most developers have had few opportunities to learn secure coding, either during formal education or on the job. Without solid security understanding in the development team, vulnerabilities lead to delayed releases, unplanned work, or insecure applications in production.
ThinkSmart’s Application Security Training offers in-depth developer training, providing practical, hands-on experience in risk detection and remediation. We work through the various application security domains with developers helping them to understand the common security threats to web applications and which countermeasures are available and appropriate. Our skilled application security professionals give your team the benefits of individualised attention, the ability to ask specific questions that are unique to your organisation, and collaboration with peers.
Three-day course
Our three-day training course is based on tools and resources provided by OWASP and others, including the OWASP Top Ten and the OWASP ASVS. To this we add our own years of experience and insights, paying particular attention to tailoring the course to suit the technology stack(s) in use by your team.
Bring your own code
We encourage developers participation, including selectively working through their own code to identify opportunities for improvement relevant to the topic under discussion. This approach helps to drive home the importance of application security and how your developers should start to address it in their own work.
Small class, big results
Our training sessions are most effective when we focus on a single project/team who can share details of their project with us in an interactive manner. Maximum group size should be about 10 people to ensure that everyone can participate. We require a meeting room with a projector and a white board.
“It’s good to be a part of the security effort rather than just a victim of it.”