Application Security Foundations Level 2
This course has moved to Semgrep Academy. You can take it here, for free: https://academy.semgrep.dev/courses/application-security-foundations-level-2
Stretch beyond your resources.
Course Introduction
FREE PREVIEWAbout Your Trainer
FREE PREVIEWPrerequisites
FREE PREVIEWWhat is AppSec?
FREE PREVIEWWhat are Metrics?
FREE PREVIEWWhat do we mean by "Advocacy"?
FREE PREVIEWWhat is Scaling?
FREE PREVIEWWhy do we need to educate Devs?
FREE PREVIEWSummary from previous course
FREE PREVIEWYour Textbook: Alice and Bob Learn Application Security
FREE PREVIEWTech Support - [email protected]
Setting and Reaching Program Goals
Goal Assignment
Goal Assignment PDF
Why do we scale?
Security CHAMPIONS
Coaching
Partnership Model
Delegation
Automation
Scaling Assignment
Scaling Assignment - PDF
Scaling Your Team: Quiz
Why do we need to educate Software Developers?
Methods of Education
When and Where will they learn?
Who do you teach?
Topic Selection
Developer Education Assignment
Developer Education Assignment PDF
Developer Education: Quiz
What is Advocacy?
Principals for success
Tips for teaching adults
Advocacy Assignment
Advocacy Assignment - PDF
Advocacy: Quiz
TIPS 1 - Tell them what you are going to tell them
TIPS 2 - The Why
TIPS 3 - Too much on one slide
TIPS 4 - Practice your Talk
TIPS 5 - Telling Stories
TIPS 6 - Reading Slides
TIPS 7 - Say thank you
TIPS 8 - Provide Links
TIPS 9 - Making Mistakes
TIPS 10 - Overloading your audience
TIPS 11 - People taking photos
TIPS 12 - People on their phones
TIPS 13 - Jargon and Acronyms
TIPS 14 - Clapping
TIPS 15 - Large Text
TIPS16 - Drink water
TIPS 17 - History Lesson
TIPS 18 - Diagrams and Imagery
TIPS 19 - Never be condescending. Ever.
TIPS 20 - Conclusion
We offer Live training too!
Metrics, Improvement and Data
Metrics vs Reporting
Measurement
Calculating In-House Risk
Metrics that Matter
Incident metrics that matter
Tools for measurement
Metrics Assignment
Metrics Assignment - PDF
Metrics: Quiz
Using Metrics for Improvement
Improvement Case Study - Video Explanation
Improvement Case Study - PDF
Improvement Assignment
Improvement Assignment - PDF
Improvement: Quiz
Reaching Your Program Goals
Goal Case Study - Video Explanation
Goal Case Study - PDF
Final Project
Goal Assignment - Final Project - PDF
Optional Program Textbook: Alice and Bob Learn Application Security
Measure What Matters: How Google, Bono, and the Gates Foundation Rock the World with OKRs
Summary
Conclusion
Thank you!
Feedback for We Hack Purple
How can we describe Tanya in just a few words?
Tanya is passionate, driven and a force of nature. These characteristics have led her to become a leader in everything AppSec. While the list of her accomplishments is extensive, what Tanya is most proud of is how she continues to value diversity, inclusion and kindness through her success.
Tanya now shares her decades of IT experience through educating others. She has compiled all her learnings from her career into a best-selling book and We Hack Purple’s valuable courses.
Don't just take our word for it! See what our students have to say.
“I was building an AppSec program and went to a few workshops, but it always boiled down to “OWASP Top 10 = bad, this is XSS” Ended up disappointed ‘cuz there wasn’t anything I could use. Until I took the AppSec course from We Hack Purple which actually provided real value. So if you want to get into AppSec I highly recommend her online talks to get to know AppSec better and take her course if you want to seriously pursue a career in AppSec. ”
@PhyberApex“What I enjoyed the most about the training was it was literally AppSec from the ground up. I don't work as an AppSec Engineer on my 8-5. This course gave me a realistic expectation and various scenarios I'd encounter in the day to day life of an AppSec engineer. It was really Tanya speaking from a place of experience and I felt like she was sharing it with me. The exercises and homework provided helps me be able to return back to my boss and lets me start getting into implementing the content in the course practically.”
David“I'd been trying to learn Application Security topics on my own, but We Hack Purple’s Application Security Fundamentals course made a lot of topics much clearer to me and helped me to understand what to prioritize when building an AppSec program. The lessons are short and easily "digestible" so that you can stop and resume as needed, without feeling like you have forgotten something. I highly recommend the course - and the book is absolutely essential!”
AndreaSave $200 with this bundle! All three levels of Application Security for the price of two!
We set goals for your AppSec program as an exercise. We dive into every type of application security activity & tool on the market, plus quizzes & exercises. The final project we make an AppSec program action plan for you to bring back to...
(5) 5.0 average ratingThis program will teach you the policies, standards & guidelines you will need to support your AppSec program. We will also learn about more advanced AppSec activities, such as incident response, securing modern technologies and more!