Background
Recently I had the pleasure of attending @snyff
’s WSCRT course!
I think it fits the niche in terms of the difficulty (and pricing) scale of
[WSCRT] -> [OSWE] -> [FSWA]
Structure
The course is split into 4-day 4-hour remote sessions, with breaktime in between. On a high-level, the course covers code review methodologies from the top-down, which is a interesting 180 from OSWE who do it via case studies from the bottom-up.
Takeaway
Good for new starters
What I liked about the course is that instead of just telling you what was bad, it also tells you why, how it was fixed, and whether it could have been fixed better or even re-exploited after the fix. The course also makes good use of analogies and learning aids to help in communicating concepts.
Fills gaps in knowledge
The course also wasn’t afraid to cover areas of code reviews which others have not, mainly in the areas of code correctness and best practices, actual logic (an example being a developer writing a code that does something close to what they want instead og the thing they actually want) as well as topics like Cryptography and Ecncryption.
Anytime anywhere
Another plus in my opinion is being able to save the course material and videos to revisit down the line, which makes the price tag worth it imo. Even tho this means that Louis could just sell recordings, he doesn’t and he still conducts live sessions to help answer questions live!