Course Description

 

Fortify SAST and DAST for Developers is a two day training that explores how the Fortify product suite Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) scans for security vulnerabilities. As a student you will learn about the threats to applications, as well as the operation and remediation through the Fortify solution. With 70% hands-on activities you will learn how to utilize the Fortify SCA (Static Code Analyzer) and WebInspect.

Audience/Job Roles

 Software/Application Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts

Course Objectives

Upon successful completion of this course, you should be able to:

 Identify application security and the Pernicious Kingdoms

 Successfully run static (SAST) and dynamic (DAST) scans

 Analyze the scan results using both Fortify (SAST) and WebInspect (DAST)

 Manage projects and audit issues using Audit Workbench

     

 

Prerequisites/Recommended Skills

 

To be successful in this course, you should have the following prerequisites or knowledge:

 Basic programming skills (able to read Java, C/C++, or .NET)

 Basic understanding of web technologies: HTTP Requests and Responses, HTML tags, JavaScript, and server-side dynamic content (JSP, ASP or similar)

 Knowledge of Web Application development and security practices