Bootcamp: Rapid Threat Modeling with GenAI & LLMs - June 6-7, 2024. Only 12 seats left - Secure your spot!

Attacking the Application Supply-Chain

An attack on your application supply chain is like cutting off the artery connecting organizations to their customers.
Companies have lost billions to supply chain attacks in recent years.

Which is exactly why we're going to show you how to do it. Securing application supply chains is all about understanding how the attacker thinks, and leveraging offensive techniques to build robust defensive measures.
talk to usview all lessons

Secure the Supply Chain at every step

Supply chain security starts before you even build the app, and is an ongoing process after deployment.
You'll learn real-world attack methods to find every possible exploit at every level of development.

Take a look at some of what you'll be training on:

Red-team threat modeling for supply chains

How to attack CI services with attack stories and labs

Cloud-native supply chain attacks

How to attack Kubernetes supply chains

view all lessons

Why you'll love this program

Hands-on labs take you step-by-step through each lesson
Featuring advanced offensive techniques used by attackers
Lessons modeled on real-world security problems
Can be customized for your organization's needs

talk to us

These people loved us too

Never found a crypto class this informative. Great job, Abhay!

Sukanya S
senior security engineer
World's Largest Sports Equipment Manufacturer

Abhay is a phenomenal instructor, he is extremely knowledgeable and engaging. The labs were really fun and relevant... I learned a ton and look forward to putting it into practice.

Christian San Roman
Senior Security Executive
Defense industry

Thanks AppSecEngineer for amazing courses, information

Moises T.
DevSecOps, Purple Teaming
softtek

Thorough threat modeling process that can be applied to internal and external networks.... Training was a 10x multiplier for us, allowing our team to easily build models the SOC can use.

Jessica O.
Cyber Threat Intelligence & Threat Hunt Development Lead
CYBERSECURITY OPERATIONS CENTER (CSOC)

Course Abstract

Supply Chain risks are everywhere. Over the last 3 years, we’ve seen a burst of supply chain exploits against organizations, totaling billions of dollars of value lost. Supply-chain security and implementation is essential, and in some cases, required by regulation. However, it is important for pentesters and red-teams to understand how they can leverage supply-chain attacks against applications, to further strengthen their defense and blue-team implementations against it. 

This training is a deep hands-on, red-team exploration of application supply-chains. We commence with an understanding of application supply chains, and subsequently deep-dive into story-driven scenarios of exploiting different supply-chains like exploiting CI systems, build systems. Container infrastructure and cloud-native infrastructure hosted on Kubernetes, AWS and Azure. 

People learn better with stories. All our exploit and lateral movement scenarios are intricately designed hands-on examples that are backed by real-world stories and anecdotes that help students understand this subject-matter a lot better.

View full abstract & course details

We have other training programs for you

Purple Team AWS Training
Kubernetes Threat Hunting
Kubernetes Security Masterclass
DevSecOps
Masterclass

The best AppSec training in the biz

We’ve been training at top security events like Black Hat, DEF CON, and OWASP for years.
Zero compromise training that gets results. That's AppSecEngineer.
talk to us

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023