Source Code Review (JAVA) Training for Pentesters
Secure code review is a measure that helps you reveal flaws in your applications before they go live. It assesses the security of an application by examining its source code.
Secure code review is probably the single most effective technique for identifying security bugs early in the system development lifecycle (SDLC). When used together with automated and manual penetration testing, code review can significantly increase the cost effectiveness of an application security verification effort.
This training is designed to introduce pentesters to analyzing web application source code for vulnerabilities; analyzing the code and fixing what is found is the best way to protect the web application. Source code review is a highly effective method of detecting vulnerabilities in software. This training aims to equip security analysts and pentesters to manually identify insecure code through analysis.
In this training, we will demonstrate live how to discover hidden vulnerabilities and design flaws in source code. We use a combination of scanning tools and manual review to detect insecure coding practices, backdoors, injection flaws, client-side scripting flaws, insecure handling of external resources, and more.