Course curriculum

    1. Welcome to Semgrep Academy!

    2. Course Introduction

    3. Course Prerequisites

    4. History Lesson

    5. Industry Definitions

    1. Goals vs Activities

    2. Goal: Inventory

    3. Goal: Finding Vulnerabilities

    4. Goal: The Knowledge to Fix What You Have Found

    5. Goal: Effective Tooling

    6. Goal: Education and Reference Materials

    7. Goal: Giving Developers Security Tools

    8. Goal: Security Activities during the SDLC

    9. Goal: Incident Response

    10. Goal: Continuous Improvement

    11. Example: Program Goals 1

    12. Example 2: Program Goals

    13. Example 3: Program Goals

    14. Assignment Instructions: Setting Your Goals

    15. Assignment #1: Setting Goals for your AppSec Program

    16. Quiz: Application Security Goals

    1. What are the different AppSec activities?

    2. VA Scans and Security Assessments

    3. Threat Modelling

    4. Secure Code Review and Static Analysis

    5. Software Composition Analysis (SCA) and Supply Chain Security

    6. Penetration Testing (PenTesting)

    7. Quiz: AppSec Activities - The Basics

    1. Developer Education and Advocacy Programs

    2. Responsible Disclosure and Bug Bounty

    3. Helpful Policies, Guidelines and Standards

    4. Giving Developers Security Tools

    5. Secure Coding Library and Templates

    6. Security Reference Materials

    7. The Partnership Model

    8. Metrics and Measurement

    9. Security Regression Testing with unit tests

    10. Capture The Flag and Other Forms of Gamification

    11. Reviewing New Tech

    12. Adding Security-Related IDE Plugins

    13. Adding a shield in front of your app (WAF/RASP/CDN)

    14. Quiz: AppSec Activities - Intermediate

    1. Adding Security Tooling to a Pipeline

    2. Asynchronous Pipeline

    3. Chaos Engineering and Red Teaming

    4. Security Sprints

    5. Asking directly for feedback from Dev & Ops

    6. Quiz: AppSec Activities - DevOps Flavoured

    1. Team-Specific, Customized Security Training

    2. Creating Custom Tools

    3. Targeting an Entire Bug Class

    4. Table Top Exercises

    5. Interactive Assignment - AppSec Activities

    6. Assignment 2: AppSec Activities

    7. Quiz: Advanced AppSec Activities

About this course

  • Free
  • 95 lessons
  • 5 hours of video content

Build your AppSec program, starting today