Refresh and sharpen your Mendix security expertise

Already familiar with our Mendix trainings? Sharpen your expertise in the Mendix Security Masterclass. In just one day, you’ll refresh your knowledge of all Mendix vulnerabilities from The S-Unit Top 10, so you stay ahead of threats and keep your Mendix applications resilient by design.

Who is it for?

This training is for: 

• Developers of Mendix applications 
• Architects of Mendix applications 
• Testers of Mendix applications 

Not sure if this training is for you… contact us.

During this training, you'll learn about:

Participants are exposed to the techniques attackers use to compromise Mendix applications, as well as the tools and approaches developers can use to defend their applications.   

This is what you'll learn:

• The concepts behind the Mendix security model  
• All vulnerabilities from The S-Unit Top 10: the most critical Mendix vulnerabilities we encounter again and again.
• Methods to find/exploit vulnerabilities yourself in
  • Data model / access rules 
  • Microflows 
  • REST/SOAP API’s 
  • Custom request handlers 

Our belief

We believe that Mendix applications are only truly secure when you understand how they are attacked. That’s why we teach developers to think like a hacker and turn security into a mindset. With more than ten years of experience, specialized Mendix experts, hundreds of tested Mendix applications, and our role as an official Mendix security partner, we understand the attack patterns, pitfalls, and limitations of the platform. We bundle this knowledge in The S-Unit Top 10 and share it with you, so every Mendix developer can build with security by design.

Prior knowledge

For this training you will need to have basic experience with Mendix Studio Pro.  

Included

• Training material 
• Certificate of participation 

You need to bring

• A laptop with the following software installed: 
  • Burp
  • Mendix Studio Pro (latest version) 

Theory

• Basic theory web applications & web app hacking
• Mendix security model and implementation
• Attack surface Mendix applications
• The S-Unit Top 10 Mendix kwetsbaarheden
• Recognize and prevent

Practical exercises

• Direct interaction with Mendix applications via JavaScript and HTTP
• Enumeration of accessible data and functionalities in Mendix applications
• Recognizing and exploiting common vulnerabilities through hack challenges

Dirk van Veen
Ethical Hacker & Founder - The S-Unit

Dirk van Veen is an ethical hacker and founder of The S-Unit with a master's degree in Computer Security. He started in 2011 as a penetration tester and within The S-Unit he is ultimately responsible for the technical side of all hacking and consultancy activities. Dirk enjoys exploring and finding vulnerabilities in new technologies, such as application frameworks, cloud platforms and low code solutions. In addition to his work at The S-Unit, Dirk regularly organizes hack competitions for Hack in the Box (2012-2019) and Platform for Information Security (2014-present) and he gives weekly ballroom dancing lessons to students in Amsterdam.

Training location

Online

Lunch

Lunch is not included in this training.

Start and end time

9:00 am to 5:00 pm CEST.

Language

The language of the training is always indicated. If you would like to follow the training in another language, please contact us. If there is sufficient interest, the training will also be offered in other languages.. 

Are you missing information or do you have special wishes?

Send an email to [email protected] and we contact you!!