WEBAP - Web Application Security Training Course
Course
In City Of London
Description
-
Type
Course
-
Location
City of london
Description:
This course will give the participants thorough understanding about security concepts, web application concepts and frameworks used by developers in order to be able to exploit and protect targeted application. In today’s world, that is changing rapidly and thus all the technologies used are also changed at a fast pace, web applications are exposed to hackers attacks 24/7. In order to protect the applications from external attackers one has to know all the bits and pieces that makes the web application, like frameworks, languages and technologies used in web application development, and much more than that. The problem is that attacker has to know only one way to break into the application and developer (or systems administrator) has to know all of the possible exploits in order to prevent this from happening. Because of that it is really difficult to have a bullet proof secured web application, and in most of the cases web application is vulnerable to something. This is regularly exploited by cyber criminals and casual hackers, and it can be minimized by correct planning, development, web application testing and configuration.
Objectives:
To give you the skill and knowledge needed to understand and identify possible exploits in live web applications, and to exploit identified vulnerabilities. Because of the knowledge gained through the identification and exploitation phase, you should be able to protect the web application against similar attacks. After this course the participant will be able to understand and identify OWASP top 10 vulnerabilities and to incorporate that knowledge in web application protection scheme.
Audience:
Developers, Police and other law enforcement personnel, Defense and Military personnel, e-Business Security professionals, Systems administrators, Banking, Insurance and other professionals, Government agencies, IT managers, CISO’s, CTO’s.
Facilities
Location
Start date
Start date
Reviews
Subjects
- Systems
- Web
- Testing
- Personnel
Course programme
Module 1: Security concepts
Module 2: Risk management
Module 3: Hackers attack phases
Module 4: Penetration testing
Module 5: Networking MitM attacks
Module 6: Overview of web technologies and frameworks
Module 7: Tools of the trade
Module 8: Bypassing client side controls
Module 9: Authentication attacks
Module 10: Design/implementation flaws
Module 11: Web application attacks: Injection (A1)
Module 12: Web application attacks: XSS/CSRF (A3/A8)
Module 13: Web application attacks: Broken authentication and session management (A2)
Module 14: Web application attacks: Insecure direct object references/Missing function level access control (A4/A7)
Module 15: Web application attacks: Security mis-configuration/Sensitive data exposure (A5/A6)
Module 16: Web application attacks: Unvalidated redirect and forwards (A10)
Module 17: Logical flaws
WEBAP - Web Application Security Training Course