Web security fundamentals
Course
In London
Description
Type: Course
Location: London
Duration: 2 Days
From an introduction to security breach issues, through to a review of security coding strategies and practical workshops, delegates will gain an extended knowledge to help them build web applications that are safer for organisations, their clients and the public to use.
Course programme
Prerequisites
- An understanding of web technologies
- What a scripting language is
- What a database is
- The difference between client and server side
- A general understanding of PHP (or similar language)
- An understanding of HTML
- Basic knowledge of SQL
- Basic knowledge of JavaScript (although not compulsory)
Course Content
Introduction
- What is web security?
- What are websites and web applications?
- Hello World! - Why is this the most secure web application?
- Who poses a security risk?
- Levels and severity of security breaches
- Identification: Security breach consequences
- Identification: Web security solutions
- How to strike a balance between security and functionality
- A practical exercise to define an imaginary web application and features which need to be considered for a security analysis.
- A review of website system areas a hacker will target
- Identification: The most common forms of attacks
- A practical exercise to review website systems to identify how they could be hacked
- Hacking a real application with cross site scripting (XSS)
- Hacking a real application with SQL injection
- Hacking a real application with form spoofing
- Hacking a real application with session hijacking
- Hacking a real application via the querystring
- Hacking a real application via FTP
- Securing a real application against cross site scripting
- Securing a real application against SQL injection
- Securing a real application against form spoofing
- Securing a real application against session hijacking
- Securing a real application against querystring manipulation
- An identification of security methods for FTP attacks
- How to draw up a website system security plan
- How to segment users into security categories
- How to segment website system features into security categories
- How to identify a plan to test web applications for security concerns
- How to identify a strategy for maintaining security
- Existing common security threats
- Future security considerations
- Keeping website systems usable
- A group discussion regarding issues specifically relevant to their work