ZL1_TK400

Ladda ner som PDF

IBM Security AppScan Standard Fundamentals

This course teaches you how to use IBM Security AppScan Standard effectively. The course demonstrates how to create web application and web services security scans as well as how to review and prioritize your scan results and create reports. You also learn how to optimize your scan so that it performs efficiently and accurately, and you learn about advanced techniques to help scan your applications. This course also introduces the various ways to customize Security AppScan Standard by using the Security AppScan Software Developer Kit (SDK) and eXtensions Framework (AXF).

Målgrupp

This basic course is for Web security auditors, Web developers and development managers, Quality assurance practitioners, Web testing and quality-assurance specialists.

Förkunskaper

You should have:

  • Web application security knowledge
  • Completed Essentials of Web Application Security V2.0 (RT302)

Course Objectives

  • Review the capabilities of Security AppScan Standard
  • Describe the potential risks of conducting an automated security scan
  • Configure and run a security scan
  • Compare manual and automatic exploration
  • Describe the process of analyzing scan results and using issue management
  • Review scan results, filter false positives, prioritize issues and communicate them to your stakeholders
  • Optimize your scan configuration and use advanced techniques to scan your web applications
  • Explain scan logs and messages, export a scan log, and troubleshoot scans
  • Create reports that are based on discovered security issues
  • Extend the functionality by using the Security AppScan Standard Software Development Kit (SDK) and eXtensions Framework (AXF)
  • Troubleshoot Security AppScan Standard

Course Outline 

  • Unit 1: Security AppScan Standard overview
  • Unit 2: Installation and setup
  • Unit 3: Making the most of your installation
  • Unit 4: Configuring a scan
  • Unit 5: Running a scan
  • Unit 6: Reviewing scan results
  • Unit 7: Creating reports
  • Unit 8: Scanning Web 2.0 applications
  • Unit 9: Complex login and session management
  • Unit 10: Glass box and malware scanning
  • Unit 11: Content-based scanning
  • Unit 12: Optimizing your scan
  • Unit 13: Scanning web services
  • Unit 14: Extending Security AppScan Standard
  • Unit 15: Troubleshooting Security AppScan Standard

Course Objectives

  • Review the capabilities of Security AppScan Standard
  • Describe the potential risks of conducting an automated security scan
  • Configure and run a security scan
  • Compare manual and automatic exploration
  • Describe the process of analyzing scan results and using issue management
  • Review scan results, filter false positives, prioritize issues and communicate them to your stakeholders
  • Optimize your scan configuration and use advanced techniques to scan your web applications
  • Explain scan logs and messages, export a scan log, and troubleshoot scans
  • Create reports that are based on discovered security issues
  • Extend the functionality by using the Security AppScan Standard Software Development Kit (SDK) and eXtensions Framework (AXF)
  • Troubleshoot Security AppScan Standard

Course Outline 

  • Unit 1: Security AppScan Standard overview
  • Unit 2: Installation and setup
  • Unit 3: Making the most of your installation
  • Unit 4: Configuring a scan
  • Unit 5: Running a scan
  • Unit 6: Reviewing scan results
  • Unit 7: Creating reports
  • Unit 8: Scanning Web 2.0 applications
  • Unit 9: Complex login and session management
  • Unit 10: Glass box and malware scanning
  • Unit 11: Content-based scanning
  • Unit 12: Optimizing your scan
  • Unit 13: Scanning web services
  • Unit 14: Extending Security AppScan Standard
  • Unit 15: Troubleshooting Security AppScan Standard

Utbildningen levereras i samarbete med

Kurs-ID: ZL1_TK400
Längd: 2 dagar
Pris exkl moms: 14 300 kr
Kan betalas med:
TRAINING CARD

Avtalsrabatter och kampanjer kan ej nyttjas på denna kurs.


Lämna dina kontaktuppgifter om du önskar en företagsintern utbildning.

Tipsa