Our UK training centre is reopening in June. Learn more about it on our blog.

EC-Council CAST - Advanced Application Security

- Only 3 Days

The EC-Council Centre of Advanced Security Training has arrived at Firebrand Training. This three-day Advanced Application Security course is intensive, and focuses on combating attacks by improving your code-writing.

You will learn how to attack applications on the web, off-the-shelf binary applications and runtimes such as .NET, Java and Adobe AIR. This all takes place on a Virtual Machine, which you keep after the course.

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

Read more...

Learn how to use these tools and techniques:

  • SSL compelled certificate injection
  • SSL renegotiation
  • CRL libraries
  • SQL root kits
  • XSS
  • 'Fuzzing' (most programmers aren't aware of this, but your code should be fuzzed!)

Note: this course doesn't include an exam, but you'll become Advanced Application Security certified.

9x Accredited Training Centre of the Year

Accredited Training Centre of the Year

Firebrand Training has again won the EC-Council Accredited Training Centre of the Year Award, from a Training Partner network that has more than 700 training centres across 107 countries. This extends a record-breaking run of successive awards to nine years.

Jay Bavisi, President of EC-Council said: “The annual EC-Council Awards highlights the commitment and achievements of our global partners and trainers that have contributed to the information security community.”

See Benefits...

See prices now to find out how much you could save when you train at twice the speed.

Seven reasons why you should sit your course with Firebrand Training

  1. Two options of training. Choose between residential classroom-based, or online CAST AAS courses
  2. You'll be CAST AAS certified in just 3 days. With us, you’ll be CAST AAS trained in record time
  3. Our CAST AAS course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  4. Pass CAST AAS first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  5. You’ll learn more. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  6. You’ll learn CAST AAS faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  7. You’ll be studying CAST AAS with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 75,595 professionals, and we’re partners with all of the big names in the business

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

Benefits of Training with Firebrand

  • Two options of training - Residential classroom-based, or online courses
  • A purpose-built training centre – get access to dedicated Pearson VUE Select facilities
  • Certification Guarantee – pass first time or train again free (just pay for accommodation, exams and incidental costs)
  • Everything you need to certify – you’ll sit your exam on the course and return home certified
  • No hidden extras – one cost covers everything you need to certify

See Curriculum...

Module 1: Advanced Fuzzing Technology

  • Making the application "hiccup"

Module 2: Programming to defend against Attacking from the outside (Over the Web)

  • XSS on Steroids
  • XSRF – The newest Dangers
  • Click Jacking
  • Filter, Filter, Filter
  • Learn New Techniques for Sanitizing input that actually work!
  • The Bank Robber in the Vault Scenario

Module 3: Programming to defend against Attacking From the Inside – Binary Bypassing Antivirus

  • Packing Binaries
  • Crypting Binaries

Module 4: Programming to defend against Attacking From the Same LAN, vLan or Network Segment

  • Arp Cache Poison
  • DNS Poison and Redirection techniques
  • Route Table Poisoning

Module 5: Programming techniques to defend against MiTM attacks of all kinds

  • MITM techniques
  • Quick Overview of Popular Tools
  • Programmers Risk Sheet Checklist!

Module 6: Programming to defend against Cryptographic Errors

  • SSL – The ugly truth. How it can help and hurt you and how to properly use Libraries to ensure your protected
  • Don’t let the User make Security Decisions

Module 7: SQL- DataBase RootKits

  • Ask the Database a question (Query)
  • But receive back what the attacker wants you to receive back.

Appendix: Handy Definitions and Examples Checklist with Examples for Programmers for each Attack and Weakness.

See What's Included...

Official EC-Council Courseware

  • CAST 613 - Advanced Application Security

Your accelerated course includes:

  • Accommodation *
  • Meals, unlimited snacks, beverages, tea and coffee *
  • On-site exams **
  • Exam vouchers **
  • Practice tests **
  • Certification Guarantee ***
  • Courseware
  • Up-to 12 hours of instructor-led training each day
  • 24-hour lab access
  • Digital courseware **
  • * For residential training only. Doesn't apply for online courses
  • ** Some exceptions apply. Please refer to the Exam Track or speak with our experts
  • *** Pass first time or train again free (just pay for accommodation, exams and incidental costs)

See Prerequisites...

Warning: This is not a beginner’s course. You'll spend 50% of the course in hands-on coding labs, so you must have some programming experience. The course is right for you if you're an: application developer, software programmer or pen tester.

You must be familiar with IT security best practices, and have a good understanding of programming logic and common web technologies, as well as binary applications:

  • Basic Windows administration for servers and workstations
  • Basic Linux/NIX system administration skill
  • Basic command line proficiency on both Windows and NIX systems

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

See Dates...

EC-Council CAST AAS Course Dates

Start

Finish

Status

Location

Book now

24/2/2020 (Monday)

26/2/2020 (Wednesday)

Finished

-

 

29/6/2020 (Monday)

1/7/2020 (Wednesday)

Wait list

Nationwide

 

10/8/2020 (Monday)

12/8/2020 (Wednesday)

Limited availability

Nationwide

 

21/9/2020 (Monday)

23/9/2020 (Wednesday)

Open

Nationwide

 

2/11/2020 (Monday)

4/11/2020 (Wednesday)

Open

Nationwide

 

14/12/2020 (Monday)

16/12/2020 (Wednesday)

Open

Nationwide

 

Here's the Firebrand Training review section. Since 2001 we've trained exactly 75,595 students and asked them all to review our Accelerated Learning. Currently, 96.76% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"The chance of having training on your facilities with no disruption is amazing. "
Jorge Neves . (27/4/2020 to 1/5/2020)

"The instructor was fantastic for CEH v10, and gave us a solid understanding of the exam - he also did his best for us by showing us industry standard equipment/knowledge that we should be familiar with outside of the exam. The instructor was very professional, responsive to help us, and was very well-versed in his teachings."
SA. (27/4/2020 to 1/5/2020)

"The instructor was very professional and knowledgeable, who was happy to discuss the points and techniques required for the role. The course was rigorous, but made sure that everything that you need is there. Buying the course myself, I am very happy with the results and plan to put this knowledge and skills learned to good use."
CM. (10/4/2020 to 14/4/2020)

"Instructor was very good and very knowledgeable in the subject area, made the course very enjoyable."
Louis Watanabe. (10/4/2020 to 14/4/2020)

"The instructor was very knowledgeable, professional and simply brilliant with the explanations and demonstrations of the various testing tools including trouble shooting any student installation issues. We used the remote OIL service and it was like being in the classroom with regards using the labs and viewing the course presentation slides."
Mark Grover, Infosec Consulting ltd. (23/3/2020 to 27/3/2020)

Latest Reviews from our students