A technical penetration testing course for software engineers, testers, system admins, and anyone who wants to get into security.
Learning Objectives: Upon completion of the course, participants will be able to execute a basic penetration test using fundamental techniques and a field-proven testing methodology.
Level: Beginner to Intermediate
Duration: 2 to 5 days
A technical secure programming course aimed at the modern Java developer, presenting exciting information and concepts on security attack and defence that cannot be found elsewhere.
Learning Objectives: Upon completion of the course, participants will be able to apply secure programming techniques to new and existing codebases, mitigating security issues at their root cause.
Level: Intermediate to Advanced
Duration: 1 to 3 Days
While there are a few books and presentations on Threat Modelling, resources and guidance is limited when it comes to applying these concepts in the real-world. It can be very daunting and overwhelming when tasked with constucting a new threat model, hence this training is not just about learning the theory, but also about sharing the war-stories and approaches from the instructor's years of threat modelling work. Along with that, this course also includes practical hands-on exercises to consolodate the concepts taught.
Learning Objectives: Upon completion of this course, participants will have gained an excellent understanding of Threat Modelling concepts, and be able to apply those concepts to effectively model threats that face an application, or organisation.
Duration: 1 day
The Secure Application Growth & Enablement (SAGE) training program has been specifically designed to uplift the security culture and awareness of your organisation. SAGE aims to improve your organisations ability to efficiently and effectively maintain a secure software development lifecycle, as well as build a sustainable application security program that scales with your existing resources.
Overall the course was great, but I particularly enjoyed the "Create your hacker mindset" module. As a software engineer, I feel like those techniques are going to be very useful in the next security planning session.
I really liked the integration of business concerns, like UX, when coming up with a security patch. I also loved the hacker mindset component and problems in multiple ways, like inverse thinking. Loved the practical exercises and how they encompassed the whole flow including patching.
Loved the structure (example --> theory --> lab). Was really helpful and engaging. The real world examples were really helpful for seeing the great relevance of the material. Loved the unit testing approach to secure programming. Made it really easy to follow along and do the work.
Daniel was very approachable and hands on during the presentation. Always willing to help. The pace was perfect for learning.
I do a lot of Threat Modelling and wanted to go to Matt’s class at Kiwicon to work out whether it’s really a science or an art. It was very interesting and my takeaway after the class is it really is an art.
I loved the practicality of the thought process and approaches. It really made me think about how to tackle security in a way that makes so much sense to traditional penetration testing.