

Application Security – Vulnerability Assessments NOS: Aligned to Competency Standards developed by SSC NASSCOM in collaboration with Industry and approved by Government
A vulnerability assessment is a systematic review of security weaknesses in an information system. It evaluates whether the system is susceptible to any known vulnerabilities, assigns severity levels to those vulnerabilities, and recommends remediation or mitigation if and whenever needed.
Course Description
This course prepares graduate students to apply the theoretical and conceptual underpinnings of application security vulnerability testing, using suitable tools and techniques along with OWASP.
Prerequisites
- Network & Systems Administration
- Information security measures
- IT security architecture
- Network security architecture
- VA tools
Course Outline
- Determines whether software meets minimum security risk acceptance prior to deployment;
- Independently verifies and validates the security of software;
- Detects software vulnerabilities such as cross-site scripting (XSS), SQL injection, and buffer overflows;
- Detects back doors to protect you from malicious code injected into your application or inserted by outsourced application developers;
- Establishes and monitors security metrics and SLAs with software providers.
Learning Objectives
- Verify the strength of passwords, as password strength provides some degree of security.
- Verify the access controls of the operating systems/technology adopted.
- Verify how easily the system can be taken over by online attackers.
- Evaluate the safety level of the system's data.
- Check whether the system configuration or application configuration files are protected.
- Check whether the system allows a user to execute malicious scripts.
Target Audience
- Working professionals with experience
- Entry-level working professionals
- Graduate students
Keywords
Vulnerability identification, Vulnerability analysis, Risk assessment, Remediation, MAST, SAST & DAST, OWASP, ASTO, Software Composition Analysis