Vulnerability Discovery Course
1 hour, 47 minutes
Course description
This course is all about tools! We will examine and compare a large list of security tools for vulnerability discovery in five different categories: static application security testing (SAST), software composition analysis (SCA), dynamic network analysis, dynamic application security testing (DAST) and interactive application security testing (IAST). There will be a lot of demonstrations and practical tips and hints on using the security tools.Syllabus
Interactive Application Security Testing (IAST)
Video - 00:17:00
What is IAST? A look at examples of IAST solutions. Demo with Contrast.
Dynamic Application Security Testing (DAST)
Video - 00:16:00
What is dynamic application security testing? A look at top DAST solutions. Demo with the Arachni security framework.
Dynamic Network Analysis
Video - 00:26:00
Define what dynamic analysis and dynamic network analysis are and compare different solutions. Demo with Nessus.
Software Composition Analysis (SCA)
Video - 00:18:00
From drivers to libraries and plugins, open-source is everywhere and it presents risks for your system. Includes a demonstration with OSS Index and VSCode Plugin.
Static Application Security Testing (SAST)
Video - 00:31:00
Define what SAST is and compare different solutions. Demo with Coverity.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Associated NICE Work Roles
All Infosec training maps directly to the NICE Workforce Framework for Cybersecurity to guide you from beginner to expert across 52 Work Roles.
- Systems Security Analyst
- Knowledge Manager
- Cyber Defense Analyst
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps