I know of most of the items listed in the syllabus. I know the basic mitigation strategies. I know the principles behind most of it.
But I've never done it.
That's what's worth the money, to me: I'll be forced to sit down and dedicate some time to actually doing it, with guidance from a professional. I could easily spend more time figuring it all out on my own -- and even at my meager rates, that would add up quickly cost-wise -- and I still might end up missing something, because it's likely that there are gaps in my knowledge that I'm unaware of.
If you haven't actually practiced any of the stuff in the course, it would still be valuable.
What do you mean by "it"? Implement the attacks? No, I haven't, but I don't need to know how to implement the attacks, only the countermeasures. If you mean implement them in apps, then yes, my code had a code review from a security company last week and the most severe item was a password reset form that had autocomplete turned on still.
I know of most of the items listed in the syllabus. I know the basic mitigation strategies. I know the principles behind most of it.
But I've never done it.
That's what's worth the money, to me: I'll be forced to sit down and dedicate some time to actually doing it, with guidance from a professional. I could easily spend more time figuring it all out on my own -- and even at my meager rates, that would add up quickly cost-wise -- and I still might end up missing something, because it's likely that there are gaps in my knowledge that I'm unaware of.
If you haven't actually practiced any of the stuff in the course, it would still be valuable.