RE: application security testing training

From: Don Parker (dparker@bridonsecurity.com)
Date: Thu Dec 02 2004 - 18:20:54 EST


SANS Track 4 is not bad but has little time devoted to buffer overflows and
format string attacks. Not to mention other like-minded phenomena. It is very
hard to find pertinent training at this level really. Not only that but as Trey
pointed out you need some prior knowledge before attending this type of
training. I would certainly counsel anyone to check with the vendor for the
knowledge base required to fully benefit from this type of specialized
training.

Cheers,

Don

--------------------------------------------------------------
Don Parker, GCIA GCIH
Intrusion Detection & Incident Handling Specialist
Bridon Security & Training Services
http://www.bridonsecurity.com
voice: 1-613-302-2910
--------------------------------------------------------------

On Thu, 2 Dec 2004 16:50 , 'Keifer, Trey' <Trey.Keifer@fishnetsecurity.com> sent:

>While having a solid foundation in both the tools (IDA Pro, softice, gdb) and
>concepts of both programming languages (C/C++/.NET) and systems architecture
>(Assembly and i386 instruction sets) will certainly give you the ability to
>perform these types of assessments, I feel it is unrealistic to expect someone
>to be able to pick up that knowledge in a timeframe relevant to apply it to
>themselves or their work immediately. Either you have studied those subjects in
>the past and you are going to put them together now with security in mind or
>someone is going to pay you to work on more basic assessments and pick the rest
>up as you can. For individuals with an immediate need to learn the techniques
>and apply it to their job they need to have an environment they can ask
>questions and be provided guidance in directions to go when they get stuck.
>(which can take long hours and lots of creativity to overcome when
>self-teaching)
>
>SANS Institute offers a supplemental "break out" course by Lenny Zeltser (one
>of the only GIAC GSE's in the world right now) on Reverse Engineering Malware.
>It teaches both reverse engineering fundamentals and how to use the tools
>(primarily IDA and VMware) to analyze compiled binaries via a "black-box"
>method. I wish they would offer it as a full course, but I haven't seen it yet.
>The course is great though because it gives you hands-on with the tools in an
>assessment/investigative mindset and because it is malware the apps themselves
>are typically small and manageable by beginners.

<snip for b/w>


