A fully PCI-DSS 3.2 compliant security training program
with live challenges in the cloud.
After every practical video lesson, trainees must complete the attack or defense technique demonstrated in a live VM environment to advance.
No final exams, no tedious cramming, no multiple choice questions. Just effective study and real world experience.
Your employees hate their current security training. Don't believe us? Ask them! Most likely it's static, tedious and ends in a multiple choice test without any real-world application. To most employees, security training programs are a nuisance, not a chance to improve.
RCSD aims to change this perception.
The RCSD course presents practical knowledge on common web vulnerabilities in short and easy to follow video lessons including live demonstrations.
At the end of every lesson stands a short challenge. We boot a VM containing our proprietary challenges and the trainee has to either successfully attack or defend the system against the taught vulnerability to advance to the next lesson.
The RCSD course is used by startups, small businesses, mid-sized enterprises and Fortune 500 companies.
We are happy to provide you with test accounts to evaluate the RCSD course for your company.
The RCSD course requires no plugins or client application!
All your users need is a stable internet connection and a modern browser.
All of the lessons and challenges run entirely on Amazon's AWS infrastructure. This means we can scale to any number of users and you don't need to install any software.
We believe that you can only write secure code if you understand how weaknesses are abused. The RCSD course thus teaches trainees practical attack and defense skills.
You pay per trainee per training. No hidden fees or yearly costs without content updates. You decide when and if you want to give one of your employees a new training.
Allow your employees to train during trips or at home. All that is required is a stable internet connection and modern browser.
Add a user, set a deadline, and leave the rest to us.
We take care of reminding users of their deadline, supporting their progress and giving you an easy-to-use admin interface from where you can track your employees' progress.
|Lesson 1: Introduction & How-To|
|Lesson 2: Input Validation - Cross-Site Scripting (XSS)|
|Lesson 3: Client Side Input Validation|
|Lesson 4: Input Validation - SQL Injection (SQLi)|
|Lesson 5: Input Validation - Command Injection (CMDi)|
|Lesson 6: Input Validation - File Uploads|
|Lesson 7: Input Validation - Remote File Inclusion (RFI)|
|Lesson 8: Forced Browsing|
|Lesson 9: Directory Traversal|
|Lesson 10: Authentication|
|Lesson 11: Session Management|
|Lesson 12: Authorization|
|Lesson 13: Sniffing, MITM & SSL|
|Lesson 14: Open Redirects|
|Lesson 15: Cross-Site Request Forgery (CSRF)|
|Lesson 16: Information Leakage|
|Lesson 17: Browser Security Measures|
|Lesson 18: Simple Scanner Usage|
|Lesson 19: Closing Thoughts|
|Lesson 1: XPath Injection|
|Lesson 2: Buffer Overflows|
|Lesson 3: Secure Cryptographic Storage|
|Lesson 4: Encrypted Databases|
|Lesson 5: Logging|
|Lesson 6: Environment Separation|
Interested in RCSD? Get started right away!
Contact the Reflare client support centre to learn more.