Hack Yourself First
The training “Hack Yourself First” is focussed on developers building up cyber-offense skills and proactively seeking out security vulnerabilities in their own applications before an attacker does.
- DevSecOps Engineer
Online attacks against websites have increased rapidly in recent years, and the same risks continue to be readily exploited. However, these risks can very often be identified directly within the browser; it’s just a matter of understanding the vulnerable patterns to look for. This training approaches security from the point of view of the attacker, whose entry point is typically the application: they have a website, for example, that they want to probe for security risks, and this is how they go about it. The approach is more reflective of the real online threat than reviewing source code, and it empowers participants to begin assessing their applications immediately, even when they are running in a live environment without access to the source.
How can I test my applications for security so that security bugs can be fixed?
Mohammed Siyam is a Security Architect at DevOn. He works with various distributed Agile and Scrum teams in helping them deliver secure software sustainably at speed and scale. Siyam is passionate about Software Security, Cloud Security and enjoys sharing his knowledge through various trainings.
The learning objectives for Hack Yourself First training include an understanding of:
- Intermediate level of knowledge to identify potential application security flaws.
- The many tools and secrets used by ethical hackers worldwide
- Brief overview of security control techniques
- Being able to ethically hack a web application right after stepping out of the class
- Practical, hands-on, and real-world workshop enables learning by actually hacking
- Being able to recognize patterns and common vulnerabilities
- Being able to classify risks and report them responsibly
- The Forrest Rabbit Analogy
- Disclaimer and Responsible activities
- Defining a Risk
- The HTTP Protocol
- The OWASP foundation and projects
- The Penetration Testing Methodology
- Learning to Install the tools of the trade
- Introducing our vulnerable applications of the day
- Learning to Identify Injection flaws
  - SQL Injection
  - Operating System Command Injections
  - Exploitation
- How to – Session Hijacking and Privilege Escalations
- A look at Transport Layer security
  - The CIA
  - The Certificates and the Authorities Audit process
- Summing the Information Disclosure Flaws
- Learning to Identify
- Reporting Guidelines
- Risk Classification Guidelines
After your registration has been confirmed, you are still able to change the date up to 20 days before the first day of the training. You are able to do this once. Please send your request to email@example.com or call +31(0)15-24 11 900 for further assistance.
Two weeks before each training, we will check if we have enough participants for the training course to be valuable and continue. If this is not the case, we will inform you by e-mail, with options for a new date and location. After this notification, you will have the right to cancel or change your registration within 5 working days.
On the website you can choose to pay via iDeal, credit card or by invoice with a payment period of 30 days.
Most of our courses are available in both English and Dutch. We have a selection of training courses which are only available in English, which will be on that training page. Our rule of thumb for courses in the Netherlands is – the course is in English unless everybody speaks Dutch, then the course is in Dutch. If you want to be sure you are in a Dutch course, please get in touch with firstname.lastname@example.org in case the information on a specific date is not available on the course page.
Unless mentioned otherwise, the course fee includes the cost of training material, exam cost, the use of the location, catering and parking.
The costs that apply to our programs initiated from the Netherlands are exempt from sales tax as per Article 11-1-o of the 1968 Sales Tax Act. In other locations/countries, the prices shown are excluding VAT, which will be added.
All course material for the open registrations is in English.
If you are doing the PSD (Scrum.org) or one of the certified DevOps Institute trainings, you will receive your exam code on the final day of the training.
We have a payment term of up to 30 days