National CAE Designated Institution
  • Online, Instructor-Led
Course Description

Prerequisite: SDEV 425. A hands-on study of exploits, attacks, and techniques used to penetrate application security defenses and strategies for mitigating such attacks. The objective is to apply appropriate methodologies for software penetration testing to identify application weaknesses and logic flaws and to test and create scripts for exploitation and discovery. Topics include web architecture, application infrastructure, reconnaissance, discovery, mapping, and exploitation.

Learning Objectives

After completing this course, you should be able to:

  • Select, configure, and use a comprehensive set of software penetration tools and frameworks to ethically evaluate and mitigate software vulnerabilities in mobile, web, and desktop applications
  • Establish test processes, evaluate results, and analyze code and application architecture to discover and mitigate software vulnerabilities in mobile, web, and desktop applications
  • Identify, evaluate, prioritize, and ethically report software vulnerabilities and mitigation strategies

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Systems Analysis
  • Test and Evaluation

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.