Home Introduction to Web Application Security - October Antwerp

The Introduction to Web Application Security training is aimed at creating security awareness to anyone in your development team and to learn basic security checks that functional testers can execute in their normal test cycle.

Introduction to Web Application Security - October Antwerp

  • Price : € 495
  • Exam : No Exam
  • Length : 1 Day
  • Hours : 9:00 to 17:00
  • Category : [Technical]

Course Details

Security failures get more and more attention in the media because the impact becomes ever bigger. Organizations become more dependent on digital workflows and disruptions to these workflows can cause ever larger losses. These losses can be financial, but also with regards to reputation, customer satisfaction and even safety!

Every organisation that creates software should think about security. Unfortunately, this is often still not the case. Many people think security testing is some kind of wizardry that can only be understood by ‘gurus’. This is not the case.

This training is focused on all members of your development team (testers, developers, but also product owners, business analysts, helpdesk and others). It teaches the basic concepts of security and how prevent security mistakes from being made. It is a highly practical training with examples, exercises and discussions on security aspects with a focus on Web Applications.

You will learn that security is the responsibility of all, permeates to all levels of the software development effort. Many security failures can be prevent with basic security measures that can be implemented with limited technical knowledge.

Modules

Skills Gained

Know why security and security testing is important
Integrate basic security development practices and tests into the software development lifecycle
Identify and test on a basic level the OWASP Top 10
Install basic prevention methods for the OWASP top 10

Day 1

Introduction

Why is security important

Where are the security problems

Security test process

How to test security

What is OWASP?

Injection

Broken Authentication and Session Management

Sensitive Data Exposure

XML External Entities (XXE)

Broken Access Control

Security Misconfiguration

Cross Site Scripting (XSS)

Insecure Deserialization

Using Known Vulnerable Components

Insufficient Logging & Monitoring

Laptop requirements

8 GB of hardware memory

64-bit processor

64 GB free disk space (at least)

Wireless (802.11) network adapter

USB ports (not restricted)

BIOS / processor support for Virtualization

Please verify that virtualization is supported on your laptop prior to coming to class

Microsoft Windows 7 or later as the host operating system

Students must be local administrator of this host operating system

Students must know all BIOS or other passwords used on the system

No Group Policy Objects (GPOs) or other similar OS restrictions should be in place, ideally this laptop should not be a member of any domain prior to class.

Prerequisites

  • Familiarity with development or testing concepts

  • Some basic knowledge of networking, programming, HTML, HTTP, SQL

  • Laptop with local administrator rights, to install virtualization software to sample the OWASP top 10

To subscribe, or request more information, please fill in the form below or send an email to info@tesuqa.com

tesuqa is accredited as training provider for the Flemish KMO Portefeuille, please ask if you are eligable for this discount.

KMO Portefeuille logo

Related Courses

ISTQB Foundation
  • 3 Days
  • ISTQB

ISTQB Foundation

In this 3 day course you'll learn the basics of software testing according to the international renowned ISTQB testing …

More Info
ISTQB Advanced – TA - November Antwerp
  • 3 Days
  • ISTQB

ISTQB Advanced – TA - November Antwerp

The ISTQB Advanced Test Analyst training is aimed at how to thoroughly prepare and execute system and acceptance tests, …

More Info
Introduction to Web Application Security
  • 1 Day
  • Technical

Introduction to Web Application Security

The Introduction to Web Application Security training is aimed at creating security awareness to anyone in your …

More Info