Security Testing & Static Application Security Testing (SAST) Fundamentals
An Interactive 5-Day Training Course

Identifying Vulnerabilities and Implementing Static Application Security Testing in CI/CD Environments

NASBA
Online Schedule
Date | Venue | Fees
28 Sep - 02 Oct 2026 | Online | $4,950

Introduction

This Security Testing & Static Application Security Testing (SAST) Fundamentals training course provides professionals with the knowledge required to identify application security vulnerabilities and implement static application security testing practices. The course focuses on understanding common security weaknesses, secure coding risks, and structured security validation approaches. Participants will learn how security testing supports software quality and reduces exposure to application threats. The training course explains how static application security testing identifies vulnerabilities early in the development lifecycle. Emphasis is placed on detecting coding flaws, insecure configurations, and dependency risks. Participants will also understand how structured security testing strengthens application security posture and supports governance requirements.

The training course further develops skills in using SAST tools such as SonarQube to analyze source code and detect vulnerabilities. Participants will learn how to interpret findings, prioritize remediation, and integrate security testing into CI/CD pipelines. The course also addresses OWASP Top 10 vulnerabilities and how to identify them using static analysis techniques. Participants will understand how to incorporate security testing into development workflows and improve collaboration between security and development teams. Additionally, the course explains reporting approaches that support vulnerability management and continuous security improvement. By the end of the training course, participants will be equipped to implement foundational security testing using SAST tools.

This Security Testing & Static Application Security Testing (SAST) Fundamentals training course will highlight:

  • Understanding OWASP Top 10 vulnerabilities
  • Planning application security testing
  • Using SAST tools such as SonarQube
  • Interpreting static analysis results
  • Integrating SAST into CI/CD pipelines

Objectives

At the end of this Security Testing & Static Application Security Testing (SAST) Fundamentals training course, you will learn to:

  • Identify common application vulnerabilities
  • Plan security testing approaches
  • Perform static application security testing
  • Use SAST tools such as SonarQube
  • Integrate security testing into CI/CD pipelines

Training Methodology

This training course provides structured technical guidance for implementing static application security testing practices. The methodology focuses on vulnerability identification, static code analysis, and CI/CD integration. Participants will examine application security risks, review static analysis results, and understand remediation prioritization. The course emphasizes practical application of SAST techniques within modern development environments.

Organisational Impact

This Security Testing & Static Application Security Testing (SAST) Fundamentals training course will enable organisations to:

  • Improve application security posture
  • Detect vulnerabilities early in development
  • Reduce security risks in production systems
  • Strengthen DevSecOps practices
  • Improve vulnerability management
  • Enhance security governance

Personal Impact

Participants will be able to:

  • Understand OWASP vulnerabilities
  • Perform static security testing
  • Use SAST tools effectively
  • Interpret vulnerability reports
  • Integrate security testing in CI/CD
  • Improve application security knowledge

Who Should Attend?

This training course is designed for professionals involved in software development, testing, and application security assurance.

  • QA Engineers
  • Security Testers
  • Software Developers
  • DevSecOps Engineers
  • Application Security Engineers
  • Test Automation Engineers

Course Outline

Day 1

Application Security Fundamentals

  • Application security concepts
  • Secure development lifecycle
  • Common application vulnerabilities
  • OWASP Top 10 overview
  • Security testing approaches
  • Static vs dynamic testing

Day 2

Static Application Security Testing

  • SAST concepts
  • Static analysis techniques
  • Code scanning approaches
  • Security rule configuration
  • Identifying coding vulnerabilities
  • Managing false positives

Day 3

Using SAST Tools

  • Introduction to SonarQube
  • Configuring SAST scans
  • Analyzing scan results
  • Vulnerability classification
  • Prioritizing remediation
  • Security reporting

Day 4

CI/CD Security Integration

  • SAST in CI/CD pipelines
  • Automated security scans
  • Build pipeline integration
  • Security quality gates
  • Policy enforcement
  • Continuous security testing

Day 5

Vulnerability Management

  • Vulnerability tracking
  • Remediation planning
  • Security metrics
  • Risk-based prioritization
  • Security reporting dashboards
  • Continuous improvement

Certificates

  • On successful completion of this training course, a GLOMACS Certificate will be awarded to the delegates.
  • Continuing Professional Education credits (CPE): In accordance with the standards of the National Registry of CPE Sponsors, one CPE credit is granted per 50 minutes of attendance.

Providers and Associations

Endorsed Education Provider

NASBA

Frequently Asked Questions
For detailed information about specific courses, including course content, schedules, and instructors, you can visit our website or contact our customer service team. They will be happy to provide all the information you need to make an informed decision.
Our courses are structured to provide a balanced mix of theory and practical application. They typically include presentations, case studies, group discussions, hands-on activities, and interactive Q&A sessions to maximize learning outcomes.

Yes, upon successful completion of any of our training courses, a GLOMACS Certificate will be awarded to the delegates. This certificate is a valuable addition to your professional portfolio and is recognized across various industries.

Yes, GLOMACS provides customized training solutions tailored to meet the specific needs of organizations. We work closely with companies to design bespoke training courses that address their unique challenges and objectives.
You can register for a GLOMACS training course by visiting our website, selecting the course of your choice, and following the simple registration process. You can also contact our support team for assistance with the registration process.
GLOMACS offers both online and in-person training options. You can choose from interactive virtual sessions or attend one of our globally located in-person training courses. The flexibility ensures that learning fits your schedule and preferences.
Attending a GLOMACS training course offers numerous benefits, including enhanced professional skills, increased employability, industry-recognized certification, networking opportunities with peers and experts, and the chance to apply practical knowledge directly to your workplace.
GLOMACS is a globally recognized leader in professional training and development, with a reputation for delivering high-quality, results-driven training courses. We offer a broad spectrum of training courses taught by expert trainers, flexible delivery options (both online and in-person), and accredited certifications that add real value to your career.