Three things I am taking away from this outstanding class: 1. take time for reflection/summarizing, 2. check out our code for vulnerabilities, 3. discuss what to do next short term/long term.
No idea what could be improved. I'll definitely check my GCC command line arguments, but I got some other things I need to write on a post-it and stick to my screen.
It was not easy being confronted with all the mistakes we have committed in our profession coding life but it felt great coming out of the course knowing that we bring lasting security to the applications going forward.
I liked to learn security issues that can happen in any website. The true stories were very attractive. Now I need to go back to my desk and test my applications to crash.
This was awesome! With a few lines of codes the instructor turned the theory into reality (buffer overflow, injection). Lecturer was great, good job! Became paranoid , the good way.
The best way to increase code quality! Focus on well-known security issues, with some added new features. The platform is a great teaching tool, introducing theory in transparent practices.
The labs were very well done. I like how it walked a person through the issue, and with the help from the instructor I was able to easily grasp what the intent was.
Absolutely thorough and in-depth insight into the routines of 'The Other Side". Great atmosphere, knowledgable trainer. Got me thinking in an entirely different way about validation.
Loved the case studies, the exercises and everything that made the topics so hiperrealistic. I'm gonna revisit my old codes and do some serious double-checking. The course needed a lot of coffee to be able to cope with the influx of information.
This course gave me so many new things that it feels like going back to work and starting doing something completely new, with an entirely different approach.
It is impressive that the course teaches the philosophy of right coding routines, not only stand-alone methods. Technically, the Cydrill Sergeant platform is groundbreaking.
The first part of the training, the OWASP TOP 10 fundamentals is a must for every developer team.The rest of modules, depending on the personality and focus area of the coder, may result in mixed interest; but I think, the diversity of the content makes the session valuable even for a wildly mixed audience.