Course ID 00915348
Course format ILT,SCA
Course length 2 days
Delivery languages English
Related certifications
In preparation for these exams
Selected items from this course are included in these exams:
Register for this course.
For information on registering for this course, please visit the HP Enterprise Security University website by clicking on the link above.

Course description

Fortify Security Solutions ATP training consists of two days of intensive training in application security and developing and testing software solutions utilizing HP Fortify Products.  The student will learn about the threats to applications and the architecture and operation of the HP Fortify solution.  Through lectures and hand-on activities the student will learn to implement HP Fortify Static Code Analyzer, HP Fortify Software Security Center, HP WebInspect and HP Fortify Runtime.

Who should attend

Software Developers, Product Managers, Development Managers, Q/A Managers, Q/A Analysts, and Application Security Analysts.

Prerequisites

To be successful in this course, you must have:
• Knowledge of Web and Application Development practices
• Experience Developing and or Managing Software Development

Topics

  • OpenSAMM: Building Security into Software Development
    • Apply the Software Assurance Maturity Model (SAMM) to an organization’s security infrastructure
    • Use the SAMM guidelines  to evaluate the needs of your software security practices
    • Determine the HP Enterprise Security products as they correlate to SAMM compliancy to your organization’s security practices
  • Examine Common Vulnerabilities
    • List the OWASP Top 10 Application Security Risks
    • Perform a basic Threat Model and Risk Assessment
    • Integrate security activities into a basic SDLC
  • Utilization of Fortify Products
    • Identify Fortify Products and how they satisfy the guidelines of the OpenSAMM initiative
    • Describe Reporting and Incident Analysis
    • Describe architecture and structure of Fortify Products in business security environment
    • Present overview of implementation requirements for Fortify Product Suite
  • Fortify Software Security Center
    • Tune scan results
    • Upload and download scans in SSC
    • Create projects in SSC
    • Connect to SSC from AWB
    • Generate reports to show outstanding issues & progress on security goals
    • Integrate security activities into your SDLC
  • Fortify Software Code Analyzer
    • Navigate Audit Workbench
    • Audit and suppress issues
    • Identify information on security issues
  • HP WebInspect Introduction
    • Define operational capabilities of WebInspect
    • License and Activate WebInspect
    • Navigate the operational displays of WebInspect
  • Fortify Runtime
    • List the benefits of using Fortify Runtime
    • Describe how Fortify RunTime correlates testing

Objectives

After completing this course, you should be able to describe the HP Fortify Solution including the following:
• Application Security (OWASP Top Ten)
• HP Fortify SCA
• HP Web Inspect
• HP Fortify Runtime

How to register

Click on this link to register for this course: https://inter.viewcentral.com/events/cust/catalog.aspx?cid=arcsight&event_id=486&pid=1

Policies, fees and cancellations

Course fees may vary and are established and collected by the training center delivering the course. Cancellation fees may apply. Contact your HP Authorized Training Partner for their respective policies.