DevSecCon

Join StackHawk Co-Founder and Chief Security Officer Scott Gerlach to learn more about how application security can truly be developer-first and the latest in dynamic security testing.

Dynamic Application Security Testing has developed a bad rap. Application Security as a whole has struggled to keep up with the shifts in modern software delivery, and that is especially true for dynamic application scanning. However, the ability to run security tests against a running version of the application is one of the best ways to ensure you are finding and fixing the security bugs that attackers may be able to exploit. There is a new way to run security tests against your app that works with new development paradigms - REST API, HTTP and GraphQL backing, authentication requirements, and running in pipeline. Join StackHawk Co-Founder and Chief Security Officer Scott Gerlach to learn more about how application security can truly be developer-first and the latest in dynamic security testing.

Traffic lights

Read about what's good, what should give you pause, and possible dealbreakers.
Examines dynamic application security testing, which is essential to modern development pipelines
Taught by Scott Gerlach, a recognized expert in the field of application security
Suitable for developers who want to improve the security of their applications

Reviews summary

Practical DAST for modern app security

According to students, this course offers a highly relevant and practical guide to Dynamic Application Security Testing (DAST) for modern software development. Learners particularly praise the instructor's expert insights and the clear explanations of how to integrate security into CI/CD pipelines, fostering a developer-first security approach. While many found the hands-on labs and demos exceptionally useful for understanding modern DAST tools, a few suggest the course could benefit from deeper dives into advanced topics and a broader array of tool examples.
Focuses on DAST in current development paradigms.
"This course is fantastic for anyone looking to understand DAST in a modern context."
"The focus on REST, GraphQL, and APIs was timely and relevant. I particularly appreciated the practical demos."
"It effectively covered how DAST fits into a modern development lifecycle. The sections on API security testing were particularly relevant."
Instructor's knowledge and teaching style are highly valued.
"Scott Gerlach is an expert, and his explanations are incredibly clear. Highly recommend for developers and security engineers alike."
"The instructor's expertise shines through. This course demystifies DAST and shows how it can be genuinely effective..."
"The instructor’s practical insights from industry experience are gold. Highly recommend to anyone on a dev or security team."
Provides actionable strategies for modern DAST integration.
"The hands-on labs with StackHawk were especially useful, showing exactly how to integrate security testing into CI/CD pipelines."
"The coverage of integrating DAST into existing workflows (CI/CD) was invaluable. It changed my perspective on application security."
"I learned practical insights into how DAST fits into a modern development lifecycle, which is particularly relevant to my work."
Primarily focuses on one tool, limiting broader exposure.
"It felt more like a product overview at times, particularly when demonstrating StackHawk."
"My only minor suggestion would be to provide more diverse examples of tools or methodologies beyond the primary one demonstrated..."
"I was hoping for more in-depth vulnerability analysis techniques rather than just tool usage."
Some learners desire more advanced or detailed content.
"My only minor critique is that some parts felt a bit high-level, and I wished for deeper dives into specific vulnerability classes..."
"While the course provides a good overview, I found myself wishing for more detailed technical explanations."
"The pace sometimes felt a bit rushed, especially for topics where I expected more detail. Maybe a follow-up course could cover advanced topics."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Modern Dynamic Application Security Testing with these activities:
Connect with experienced security professionals
Seek guidance from experienced professionals to gain insights and expand your knowledge of dynamic application security testing.
  • Identify potential mentors within your network or industry
  • Reach out and request mentorship
Review of DevOps and Agile Processes
Review the fundamental concepts of DevOps and Agile to reinforce the importance of a developer-first approach in security testing.
  • Read book: DevOps for Dummies
  • Review online resources on Agile methodologies
Review dynamic application security testing basics
Review the fundamentals of dynamic application security testing to ensure you have foundational knowledge before the course begins.
  • Revisit resources on dynamic application security testing
  • Summarize key concepts in your own words
Practice writing test cases for dynamic security testing
Practice writing test cases to improve your understanding of how to effectively test applications for security vulnerabilities.
  • Review examples of security test cases
  • Write test cases for a sample application
  • Compare your test cases with those of experienced testers
Follow tutorials on advanced dynamic security testing techniques
Expand your knowledge and skills by exploring advanced dynamic security testing techniques through guided tutorials.
  • Identify reputable sources for tutorials
  • Select tutorials that align with your learning goals
  • Follow the tutorials and complete the exercises
Collaborate with peers to review security test results
Engage with peers to critically review security test results and enhance your understanding of potential vulnerabilities.
  • Form a study group with classmates
  • Share and discuss security test results
  • Collaborate on identifying and addressing vulnerabilities
Create a blog post or article on a specific aspect of dynamic security testing
Solidify your understanding of dynamic security testing by creating a blog post or article that explains a specific aspect of the topic.
  • Choose a specific topic within dynamic security testing
  • Research and gather information on the topic
  • Write and publish your blog post or article
Develop a security testing plan for a small application
Create a security testing plan to apply your knowledge of dynamic application security testing to a practical scenario.
  • Identify the scope and objectives of the security testing
  • Select appropriate dynamic security testing tools
  • Develop test cases and procedures
  • Execute the security testing plan and document the results
Contribute to open-source security testing projects
Enhance your practical skills and contribute to the development of dynamic application security testing tools by participating in open-source projects.
  • Identify open-source security testing projects to contribute to
  • Review project documentation and codebase
  • Make contributions to the project

Career center

Learners who complete Modern Dynamic Application Security Testing will develop knowledge and skills that may be useful to these careers:
Application Security Engineer
Application Security Engineers are responsible for securing applications from vulnerabilities that could be exploited by attackers. This course will help Application Security Engineers apply dynamic security testing against their running applications and equip them to provide the best possible protection for their organizations.
Security Engineer
Security Engineers are responsible for implementing and maintaining an organization's information security program. They work to protect the organization's data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. Security Engineers provide security consulting, share security best practices, participate in security audits, develop and deliver security awareness training, and conduct security assessments. Modern Dynamic Application Security Testing should provide you with the expertise required to pass industry certifications and successfully perform job duties.
Software Developer
Modern Dynamic Application Security Testing will provide practical knowledge for Software Developers. This course will show how to apply dynamic security testing as part of the software development lifecycle. It teaches how to better secure the development environment and ultimately improve the quality and security of your applications.
Security Analyst
Security Analysts are responsible for monitoring and analyzing security data to identify threats and vulnerabilities. They also work to develop and implement security solutions. This course can help Security Analysts build a foundation in dynamic application security testing, which is a critical skill for identifying and mitigating application vulnerabilities.
Information Security Manager
Information Security Managers are responsible for developing and implementing an organization's information security program. They work to protect the organization's data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course will help Information Security Managers gain a better understanding of dynamic application security testing and how it can be used to improve the security of their organization's applications.
Penetration Tester
Penetration Testers are responsible for testing the security of computer systems and networks by simulating attacks. They use a variety of tools and techniques to identify vulnerabilities that could be exploited by attackers. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of web applications.
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is responsible for the overall security of an organization's information systems. They work to develop and implement security policies and procedures, and they oversee the organization's security team. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.
Security Architect
Security Architects are responsible for designing and implementing security solutions for organizations. They work to identify and mitigate security risks, and they develop and implement security policies and procedures. This course may be useful for Security Architects who want to learn more about dynamic application security testing and how it can be used to improve the security of their organization's applications.
Security Consultant
Security Consultants provide security advice and guidance to organizations. They work to help organizations identify and mitigate security risks, and they develop and implement security solutions. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.
Network Security Engineer
Network Security Engineers are responsible for designing and implementing security solutions for computer networks. They work to protect networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's networks.
Cloud Security Engineer
Cloud Security Engineers are responsible for securing cloud computing environments. They work to protect cloud data, systems, and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of cloud applications.
Security Operations Analyst
Security Operations Analysts are responsible for monitoring and analyzing security data to identify threats and vulnerabilities. They also work to develop and implement security solutions. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.
IT Auditor
IT Auditors are responsible for auditing an organization's information systems to ensure that they are secure and compliant with regulations. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.
Compliance Officer
Compliance Officers are responsible for ensuring that an organization complies with applicable laws and regulations. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.
Risk Manager
Risk Managers are responsible for identifying, assessing, and mitigating risks to an organization. This course may provide useful information about dynamic application security testing and how it can be used to improve the security of an organization's applications.

Reading list

We've selected 11 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Modern Dynamic Application Security Testing.
An ever-evolving reference tool and resource for developing and maintaining web applications securely.
A valuable reference containing detailed, step-by-step instructions for technically challenging security flaw discovery, testing, exploitation, and prevention techniques.
A highly recommended resource for understanding the secure development lifecycle, with advice on evaluating and verifying vendor claims of secure design and implementation of security controls.
An in-depth exploration of software security assessment, offering insights into vulnerability discovery and prevention techniques.
An in-depth exploration of software security, providing a solid foundation for secure software development practices and techniques.
Provides a collection of recipes for testing web applications. It is a valuable resource for anyone who wants to learn how to test web applications for security vulnerabilities.
Provides a comprehensive overview of modern web application security. It covers topics such as threat modeling, secure coding, and incident response.
Provides a collection of recipes for securing web applications. It is a valuable resource for anyone who wants to learn how to secure web applications.
Provides a comprehensive overview of penetration testing. It covers topics such as planning, execution, and reporting.
Provides a comprehensive overview of web application security. It covers topics such as secure coding, threat modeling, and incident response.
Provides a gentle introduction to penetration testing. It is a valuable resource for anyone who wants to learn more about the basics of penetration testing.
