Training and Education
Implementing new tools and techniques within the SDLC frequently
involves a cultural change in the way Web applications are conceived,
developed, tested, and managed once in production. For this reason,
Halock has developed a series of instructional services that include
both classroom and custom in-the-field training on security best
practices. Formal classes are held monthly for Secure Coding Practices
and Ethical Hacking. The goals of Halock's Web Application Security
Training services include:
- Understanding application level vulnerabilities
- Understanding architectural vulnerabilities
- Understanding vulnerability research and automated scanning
- Understanding, containing, and mitigating malware
- Understand how to perform Internet application testing
- Security techniques for Quality Assurance and Testing professionals
- Web application audit techniques for internal audit team
- Security monitoring for production Web applications
- Understanding how to design and implement application firewalls
- Integrating new policies, procedures and standards that affect Web
application security
(see VW Credit Case Study)