EC-Council - CAST - Advanced Application Security

Duration

Duration:

Only 3 Days

Method

Method:

Classroom / Online / Hybrid

Next date

Next date:

28/6/2021 (Monday)

Overview

The EC-Council Centre of Advanced Security Training has arrived at Firebrand Training. This three-day Advanced Application Security course is intensive, and focuses on combating attacks by improving your code-writing.

You will learn how to attack applications on the web, off-the-shelf binary applications and runtimes such as .NET, Java and Adobe AIR. This all takes place on a Virtual Machine, which you keep after the course.

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

Learn how to use these tools and techniques:

  • SSL compelled certificate injection
  • SSL renegotiation
  • CRL libraries
  • SQL root kits
  • XSS
  • 'Fuzzing' (most programmers aren't aware of this, but your code should be fuzzed!)

Note: this course doesn't include an exam, but you'll become Advanced Application Security certified.

9x Accredited Training Centre of the Year

Accredited Training Centre of the Year

Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.

Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”

Seven reasons why you should sit your CAST AAS course with Firebrand Training

  1. You’ll be CAST AAS certified in just 3 days. With us, you’ll be CAST AAS trained in record time
  2. Our CAST AAS course is all-inclusive. A one-off fee covers all course materials, accommodation and meals. No hidden extras
  3. Pass CAST AAS first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more CAST AAS. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn CAST AAS faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll be studying CAST AAS with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 102,584 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study CAST AAS courseware. We use labs, case studies and practice tests to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging

Benefits

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a certification guarantee. Pass first time or train again for free (just pay for accommodation and exams on your return). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.

Curriculum

Module 1: Advanced Fuzzing Technology

  • Making the application "hiccup"

Module 2: Programming to defend against Attacking from the outside (Over the Web)

  • XSS on Steroids
  • XSRF – The newest Dangers
  • Click Jacking
  • Filter, Filter, Filter
  • Learn New Techniques for Sanitizing input that actually work!
  • The Bank Robber in the Vault Scenario

Module 3: Programming to defend against Attacking From the Inside – Binary Bypassing Antivirus

  • Packing Binaries
  • Crypting Binaries

Module 4: Programming to defend against Attacking From the Same LAN, vLan or Network Segment

  • Arp Cache Poison
  • DNS Poison and Redirection techniques
  • Route Table Poisoning

Module 5: Programming techniques to defend against MiTM attacks of all kinds

  • MITM techniques
  • Quick Overview of Popular Tools
  • Programmers Risk Sheet Checklist!

Module 6: Programming to defend against Cryptographic Errors

  • SSL – The ugly truth. How it can help and hurt you and how to properly use Libraries to ensure your protected
  • Don’t let the User make Security Decisions

Module 7: SQL- DataBase RootKits

  • Ask the Database a question (Query)
  • But receive back what the attacker wants you to receive back.

Appendix: Handy Definitions and Examples Checklist with Examples for Programmers for each Attack and Weakness.

What's Included

Official EC-Council Courseware

  • CAST 613 - Advanced Application Security

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Certification Programs includes

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • Near site testing, Transportation to/from Testing Center are provided ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Examination Passing Policy

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: PMP, CAPM and CISSP CBK Review
  • *** Not included in our PMP, CAPM, CISA, CISM, CGEIT, CRISC, (ISC)2 or ITIL Managers and Revision Certifications
  • **** Accommodation not included on the CISSP CBK Review Seminar

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.

Prerequisites

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

You must be familiar with IT security best practices, and have a good understanding of programming logic and common web technologies, as well as binary applications:

  • Basic Windows administration for servers and workstations
  • Basic Linux/NIX system administration skill
  • Basic command line proficiency on both Windows and NIX systems

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 102,584 students and asked them all to review our Accelerated Learning. Currently, 96.68% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"Firebrand has been an excellent experience that has bolstered my knowledge of security greatly. The course volume and length of the days are quite the undertaking but the teaching style makes it work with an excellent pay off from sticking through it."
D.B.. (2/4/2021 (Friday) to 6/4/2021 (Tuesday))

"The material has been presented professionaly. Breaks has been given quite regularly. The instructor has been very helpful"
Nikolina Ilcheva, NIKOLINA ILCHEVA. (2/4/2021 (Friday) to 6/4/2021 (Tuesday))

"Wow! What an amazing course. I have gained a massive amount of knowledge over the last 5 days. And the tutor made it more interesting than I even imagined :- I would recommend this training to anyone who wants to get immersed in the world of Ethical Hacking. Thank you"
Daniel Cieslar. (1/2/2021 (Monday) to 5/2/2021 (Friday))

"Experience from the outset was excellent. I was advised on the best course of action which really helped me decide the most appropriate course. The instructor delivered the course SUPERBLY. Wow! What a body of knowledge he possesses. First class experience and i can highly recommend this course!!"
Alan Gardner, Darkskope Corporation. (8/2/2021 (Monday) to 10/2/2021 (Wednesday))

"At first hesitant to try online training as I prefer the face to face and interaction. Found it was really good and managed very well."
Shane Lewis, Semafone Limited. (8/2/2021 (Monday) to 10/2/2021 (Wednesday))

Course Dates

Start

Finish

Status

Location

Book now

22/2/2021 (Monday)

24/2/2021 (Wednesday)

Finished - Leave feedback

-

 

28/6/2021 (Monday)

30/6/2021 (Wednesday)

Wait list

Nationwide

 

9/8/2021 (Monday)

11/8/2021 (Wednesday)

Limited availability

Nationwide

 

20/9/2021 (Monday)

22/9/2021 (Wednesday)

Open

Nationwide

 

1/11/2021 (Monday)

3/11/2021 (Wednesday)

Open

Nationwide

 

13/12/2021 (Monday)

15/12/2021 (Wednesday)

Open

Nationwide

 

Latest Reviews from our students