Hackflix & Skill

An interactive course in which together with Buggy, we will guide your project team through the most common vulnerabilities that we encounter in our security tests. A few seemingly insignificant bugs can lead to fatal consequences, let’s prevent them. 

An interactive form of the training will consolidate and allow faster use of the acquired knowledge.
We will introduce a hacker perspective in your team. This will help spot weaknesses in the code and significantly improve the security of both the company and its products.

The training unique values:

• We discuss real threats affecting companies
Each episode consists of a vulnerability chain (known as a killchain) which leads to disastrous consequences. We base all stories on real tests we have conducted.
• We will permanently raise awareness of IT threats among your software developers
This course is based on verified and effective methods to support security knowledge.
• We will effectively reduce the real cost of employee training
Most courses have a hidden price – exclusion from work for a day or two. To solve this problem, we have shortened the duration to ~1,5h per episode focusing on key topics and dividing them into small fragments to enable learning at a convenient time.
 Engage trainees through full interactivity
This is not another boring training that can be quickly passed by clicking “next” due to the lack of adjustment to the group. The participant plays the role of Buddie’s student and by having a conversation with him will have an impact on the training.

How do we know it works?

• We have the knowledge and experience gained during over 16 years of providing security services.
• Developers use our tools mainly because of their quality and effectiveness.
• We have worked with thousands of developers from over 15 different countries.
• Our Security Aware Developer On-site workshop is recommended by customers satisfied with the high-quality service.

P.S. Buggy says you can trust us 😉

Course agenda

The course has the form of a season consisting of 4 episodes. Each episode is a separate story based on several vulnerabilities used together in one attack. Participation in the training allows to experience an adventure that makes it easier to understand how a hacker thinks and behaves.
After each episode – filled with different exercises – you will take a quiz that will help remember the presented material.

Episode 01 (Access control, XML Bomb, XXE)
• Access control issue
• Identifying access control vulnerabilities
• Access control – think about it
• XML Bomb
• Identifying payloads using vulnerabilities in the parser
• Detecting an incorrectly written parser
• Security layers
• Threat modeling
• Improving default parser configuration
• Short summary
• Quiz1 – master knowledge from Episode 01
Episode 2 (Redundant data, Data logging, Escalation)
Episode 3 (Phishing)
Episode 4

To verify the progress made and check the knowledge gained – at the very end the participants will take a sum-up quiz covering all the material contained in the first season.

Each participant who exceeds 80% will receive a personal certificate.

Bonuses for Developers:
• Buggy’s 1010
• Security Refferer
• Pre-release access to ITM episodes
• Personal certificate
• Hackflix&Skill box

Security Concierge for CTO:
• Phone consultations with a response within 24 hours/5 days
• Threat Modeling

If you want to introduce our training to your company, please contact us via the contact form on the website. Our specialist will help you choose the most optimal implementation path.

Case study

How did we increase the security of online banking applications?

The client was one of the leading banks with a website for individual and business entities. The scope tests covered transaction website security, payment management services, financial exchange and loan products

More soon…

Become a Client

and let’s build your safe future together

Write to us