Name: "Vulnerability Management" training programme - " Finding Vulnerabilities ll - Looking into Code"
Start: 2021-07-14T14:00:00+02:00
End: 2021-09-15T17:30:00+02:00
Location: Zoom

Monday, 12 July 2021
Tuesday, 13 July 2021
Wednesday, 14 July 2021

14:00 Code Audits
Code Audits
14:00 - 15:00
"Code audits - how to improve the quality of the code" Software without bugs or vulnerabilities doesn't exist. If your organization runs software development teams they would be aware of the importance of the secure software development lifecycles and relating subjects. This webinar will introduce some basic concepts as well as tools that help developers to identify bugs before the software goes into production. What you will learn: What are code audits? Why code audits? Planning - How to deal with closed source software? - How to deal with open source software? Tools - Code Scanner - SonarQube - White Source - Coverity? - OWASP Dependency Check Fuzzing/Fuzzer - Web apps: - OWASP ZAP-Proxy - Burp suite - Microsoft One Fuzz https://github.com/microsoft/onefuzz Static Application Security Testing (SAST) Tools Dynamic Application Security Testing (DAST) Tools (Primarily for web apps) Interactive Application Security Testing (IAST) Tools - (Primarily for web apps and web APIs) Static Code Quality Tools Duration: 1 hour Presenter(s)/Facilitator(s): Stefan Kelm, DFN-CERT Affiliation (WP/Task): WP8 Task 1 Authors (content is created by): Tobias Dussa, Klaus Möller, DFN-CERT
Thursday, 15 July 2021
Friday, 16 July 2021

14:00 Vulnerability Disclosure
Vulnerability Disclosure
14:00 - 15:00
"Responsible Disclosure – Letting the cat out of the bag" So you have found vulnerabilities in other people's code. Or other people have found vulnerabilities in your own code. Either way: how to handle the situation? In the long run, trying to keep information about the vulnerability under wraps is unlikely to work, so in this module, we will cover some aspects and strategies of how to approach this issue. What you will learn: - Concepts - Vulnerability handling - Vulnerability disclosure - Exploitation - Advisories Defining Vulnerability policies How to report vulnerabilities to others (Vulnerability reporting) - CVE CNA - Coordinating vulnerability activities Receiving vulnerability information Duration: 1 hour Webinar Host: Pauline Smith (GLAD) Presenter(s)/Facilitator(s): Tobias Dussa, DFN-CERT Affiliation (WP/Task): WP8 Task 1 Authors (content is created by): Stefan Kelm, Klaus Möller DFN-CERT
Saturday, 17 July 2021
Sunday, 18 July 2021

Monday, 19 July 2021
Tuesday, 20 July 2021
Wednesday, 21 July 2021
Thursday, 22 July 2021
Friday, 23 July 2021
Saturday, 24 July 2021
Sunday, 25 July 2021

Monday, 26 July 2021
Tuesday, 27 July 2021
Wednesday, 28 July 2021
Thursday, 29 July 2021
Friday, 30 July 2021
Saturday, 31 July 2021
Sunday, 1 August 2021

Monday, 2 August 2021
Tuesday, 3 August 2021
Wednesday, 4 August 2021
Thursday, 5 August 2021
Friday, 6 August 2021
Saturday, 7 August 2021
Sunday, 8 August 2021

Monday, 9 August 2021
Tuesday, 10 August 2021
Wednesday, 11 August 2021
Thursday, 12 August 2021
Friday, 13 August 2021
Saturday, 14 August 2021
Sunday, 15 August 2021

Monday, 16 August 2021
Tuesday, 17 August 2021
Wednesday, 18 August 2021
Thursday, 19 August 2021
Friday, 20 August 2021
Saturday, 21 August 2021
Sunday, 22 August 2021

Monday, 23 August 2021
Tuesday, 24 August 2021
Wednesday, 25 August 2021
Thursday, 26 August 2021
Friday, 27 August 2021
Saturday, 28 August 2021
Sunday, 29 August 2021

Monday, 30 August 2021
Tuesday, 31 August 2021
Wednesday, 1 September 2021
Thursday, 2 September 2021
Friday, 3 September 2021
Saturday, 4 September 2021
Sunday, 5 September 2021

Monday, 6 September 2021
Tuesday, 7 September 2021
Wednesday, 8 September 2021
Thursday, 9 September 2021
Friday, 10 September 2021
Saturday, 11 September 2021
Sunday, 12 September 2021