Web Application Security Essentials
Graded: Web Application Security Essentials
1 Question
Top

Web Application Security Essentials

About this course

Web Application Security Essentials

a
Instructor:Fabio Cerullo
Next Scheduled Course:
Monday 11th – Tuesday 12th November 2019


€1,600.00

Course Schedule

Monday 11th – Tuesday 12th November 2019 – Registration Deadline: Friday 1st November 2019

Cycubix Headquarters, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland

Web applications play a key role in the success of an organisation – from streamlining business processes to creating online interactions that ensure a positive customer experience. However, web applications do allow access to critical and confidential resources. But without understanding web application vulnerabilities and addressing them, organisations risk their data, their operations and their reputation.

 

Group discount available – Contact Us for more information

About this course

Objectives

This course provides the knowledge and resources required to evaluate the security of web applications. The participants, through the understanding of theory and a strong focus on practical exercises, will be able to identify critical vulnerabilities in web applications, understand how exploitation works and learn how to implement the necessary corrective measures.

The Web Application Security Essentials course is a comprehensive and strategic overview of web application security and does not focus on a specific programming language, although some knowledge of JavaScript, basic SQL and the HTTP protocol is recommended. For specific programming language training, please see “Further Training” tab.

Overview

The course is aligned with the OWASP Top 10, a world-renowned reference document which describes the most critical web application security flaws.

The topics covered include:

• Introduction to Web Application Security
• Technologies used in Web Applications
• The Security Tester Toolkit
• Critical Areas in Web Applications
• Injection
• Cross Site Scripting (XSS)
• Broken Authentication and Session Management
• Insecure Direct Object References
• Cross Site Request Forgery
• Security Misconfiguration
• Insecure Cryptographic Storage
• Failure to restrict URL Access
• Insufficient Transport Layer Protection
• Unvalidated Redirects and Forwards

Format: The course combines theory and hands-on practical exercises. The participants start by learning about web application vulnerabilities. They are then given access to a purpose-built web application environment that contains the bugs and coding errors they have learned about. This provides an ideal ‘real-life’ opportunity to exploit these vulnerabilities using different open source tools and techniques in a safe environment.

Duration: 2 days (16 hours)

Attendee Profile

The course is designed for professionals who are involved in the development, testing and/or management of web applications such as:

• IT Staff
• IT Managers
• Application Developers
• Information Security professionals
• System Architects
• Systems Auditors
• Quality Assurance professionals

Materials

Printed materials
Virtual image containing all tools used
Certificate of Participation (CPE Points)

Further Training

• The Web Application Secure Coding in Java and Web Application Secure Coding in .Net courses are designed to instruct participants on best practice in secure coding using specific programming languages.

• The ISC2 Certified Secure Software Lifecycle Professional (CSSLP) course is designed for professionals who demonstrate a globally recognised level of competence, as defined in a common body of knowledge, by assuring security throughout the software lifecycle. They incorporate security when planning, designing, developing, acquiring, testing, deploying, maintaining, and/or managing software to increase its trustworthiness

Course Curriculum

Graded: Web Application Security Essentials
1 Question

User registration

You don't have permission to register

Reset password