Need Advice GWAPT vs GWEB
Hey Folks, I am planning to go for GWAPT certification. I do conduct app pen tests at the same time I also advise app owners on mitigation. My questions is what mitigation controls or app defensive technologies they cover in GWAPT or its only about pen testings apps? GIAC also has GWEB which specifically covers app security from dev. standpoint. Any inputs will be valuable.