AppSec / Application Security

Hey all so I need to learn application security for my new company and looking for resources i would prefer Video course and Labs if you know of anything like that please let me know.

Find more posts tagged with

Comments

UnixGuy

What's your involvement with App security? would you be creating apps securely or just looking at Apps and assessing their security? Do you run specific tools at your work that you need to learn? Would you be doing vulnerability management/pentesting?

Either way, start with the OWASP top 10, learn vulnerability management, and pentesting. Pentester academy has good videos and eLearnSecurity

Clm

UnixGuy said:

What's your involvement with App security? would you be creating apps securely or just looking at Apps and assessing their security? Do you run specific tools at your work that you need to learn? Would you be doing vulnerability management/pentesting?

Either way, start with the OWASP top 10, learn vulnerability management, and pentesting. Pentester academy has good videos and eLearnSecurity

1. What's your involvement with App security? : Talking with my AVP he could either hire a CloudSec Guy or and Appsec guy and with recent requirements from the business to move to AWS Cloudsec was the winner but the need is still there so im using that as a reason to learn more and do both. I see a lot of positions asking for both.

2. would you be creating apps securely or just looking at Apps and assessing their security?: I would be working with Devs to ensure they are building apps securely and continually assessing the apps.

3. No specific tools but the company is willing to buy what might be needed this would be the first appsec postion.

4. Would you be doing vulnerability management/pentesting?: would be in vuln management process and we get outside pen test quite often Like ive never heard of a company getting tested this often lol

fitzlopez

Hi if you have safari books online I recommend you skim thru this book:

Hands-On Security in DevOps

or you can buy it thru packt's 15 year anniversary $15dlls https://www.packtpub.com/catalogsearch/result/?q=Hands-On Security in DevOps

I think it gives a birds eye view to get started.

Look into the SDLC, if you want lots of theory you could check out courses on ISC2's CSSLP certification.