Web Application Security Essentials
About this course
Web Application Security Training
Monday 11th – Tuesday 12th November 2019 – Registration Deadline: Friday 1st November 2019
Cycubix Headquarters, Block 4, Harcourt Centre, Harcourt Road, Dublin 2, Ireland
Web applications play a key role in the success of an organisation – from streamlining business processes to creating online interactions that ensure a positive customer experience. However, web applications do allow access to critical and confidential resources. But without understanding web application vulnerabilities and addressing them, organisations risk their data, their operations and their reputation.
Group discount available – Contact Us for more information
About this course
This Web Application Security Essentials course provides the knowledge and resources required to those responsible for implementing, managing, or protecting web applications. The participants, through the understanding of theory and a strong focus on practical exercises, will be able to identify critical vulnerabilities in web applications, understand how exploitation works and learn how to implement the necessary corrective measures.
The course is aligned with the OWASP Top 10, a world-renowned reference document which describes the most critical web application security flaws.
The topics covered include:
• Introduction to Web Application Security
• Technologies used in Web Applications
• The Security Tester Toolkit
• Critical Areas in Web Applications
• Cross Site Scripting (XSS)
• Broken Authentication and Session Management
• Insecure Direct Object References
• Cross Site Request Forgery
• Security Misconfiguration
• Insecure Cryptographic Storage
• Failure to restrict URL Access
• Insufficient Transport Layer Protection
• Unvalidated Redirects and Forwards
Format: The course combines theory and hands-on practical exercises. The participants start by learning about web application vulnerabilities. They are then given access to a purpose-built web application environment that contains the bugs and coding errors they have learned about. This provides an ideal ‘real-life’ opportunity to exploit these vulnerabilities using different open source tools and techniques in a safe environment.
Duration: 2 days (16 hours)
The course is designed for professionals who are involved in the development, testing and/or management of web applications such as:
• IT Staff
• IT Managers
• Application Developers
• Information Security professionals
• System Architects
• Systems Auditors
• Quality Assurance professionals
• Printed materials
• Virtual image containing all tools used
• Certificate of Participation (CPE Points)
• The Web Application Secure Coding in Java and Web Application Secure Coding in .Net courses are designed to instruct participants on best practice in secure coding using specific programming languages.
• The ISC2 Certified Secure Software Lifecycle Professional (CSSLP) course is designed for professionals who demonstrate a globally recognised level of competence, as defined in a common body of knowledge, by assuring security throughout the software lifecycle. They incorporate security when planning, designing, developing, acquiring, testing, deploying, maintaining, and/or managing software to increase its trustworthiness