Securing legacy software

1 Day

Workshop

Description

In this workshop, participants practice a systematic approach to security in legacy software through hands-on exercises on a larger application written in Java.

Maintenance often takes up the largest part of a software’s life cycle. In larger organizations, it is not uncommon to take over the maintenance of software that you did not write yourself. Especially with so-called legacy systems, developers often find that security played no role, or only a subordinate one, in the original implementation. However, if the application has to be operated over a longer period of time, possibly even under different operating conditions, e.g. due to a migration to the cloud, security must be addressed in greater depth.

Agenda

09:00 - 17:30 (incl. 1h lunch break and 4 x 10-15 minute breaks)

  • Getting to know the example application
  • Identification of security-relevant points in (unknown) software
  • Creation of an initial threat model
  • Detecting security vulnerabilities in the source code
  • Use of automated security testing and security scanners

Your Benefits

Recognizing security risks in the operation of legacy software.

Practical measures to improve the security of legacy software.

Audience

Software developers and architects

Your Trainers

Christoph Iserlohn

INNOQ

Scalability and security, host of INNOQ’s Security Podcast

  • Flexible architectures
  • OWASP Top Ten in practice
  • Securing legacy software
  • Web Security

Christoph Iserlohn is a senior consultant at INNOQ. He has many years of experience in the development and architecture of distributed systems. His main focus is on the topics of scalability, availability, and security.

In-House Training

You can also book this training as an in-house training course exclusively for your team. Please use the enquiry form for more details.

